1 |
commit: 9de08400de2f199c2e457edeedd7b88e9a02be8c |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Nov 13 16:56:46 2017 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Nov 13 16:56:46 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=9de08400 |
7 |
|
8 |
glep-0074: Clarify timestamp handling of sub-Manifests |
9 |
|
10 |
glep-0074.rst | 17 ++++++++++++----- |
11 |
1 file changed, 12 insertions(+), 5 deletions(-) |
12 |
|
13 |
diff --git a/glep-0074.rst b/glep-0074.rst |
14 |
index b4dd7a0..e8fc849 100644 |
15 |
--- a/glep-0074.rst |
16 |
+++ b/glep-0074.rst |
17 |
@@ -162,7 +162,7 @@ for which the verification failed. |
18 |
Timestamp verification |
19 |
---------------------- |
20 |
|
21 |
-The Manifest file can contain a ``TIMESTAMP`` entry to account |
22 |
+The top-level Manifest file can contain a ``TIMESTAMP`` entry to account |
23 |
for attacks against tree update distribution. If such an entry |
24 |
is present, it should be updated every time at least one |
25 |
of the Manifests changes. Every unique timestamp value must correspond |
26 |
@@ -180,6 +180,11 @@ using a secure channel from a trusted source for exact comparison. |
27 |
The exact details of such a solution are outside the scope of this |
28 |
specification. |
29 |
|
30 |
+``TIMESTAMP`` entries may also be present in sub-Manifests. Those |
31 |
+timestamps must not be newer than the timestamp of the top-level |
32 |
+Manifest (if present). This specification does not define any specific |
33 |
+use for them. |
34 |
+ |
35 |
|
36 |
Modern Manifest tags |
37 |
-------------------- |
38 |
@@ -190,10 +195,9 @@ The Manifest files can specify the following tags: |
39 |
Specifies a timestamp of when the Manifest file was last updated. |
40 |
The timestamp must be a valid second-precision ISO8601 extended format |
41 |
combined date and time in UTC timezone, i.e. using the following |
42 |
- ``strftime()`` format string: ``%Y-%m-%dT%H:%M:%SZ``. Optionally used |
43 |
- in the top-level Manifest file. The package manager can use it |
44 |
- to detect an outdated repository checkout as described in `Timestamp |
45 |
- verification`_. |
46 |
+ ``strftime()`` format string: ``%Y-%m-%dT%H:%M:%SZ``. Optional. |
47 |
+ The package manager can use it to detect an outdated repository |
48 |
+ checkout as described in `Timestamp verification`_. |
49 |
|
50 |
``MANIFEST <path> <size> <checksums>...`` |
51 |
Specifies a sub-Manifest. The sub-Manifest must be verified like |
52 |
@@ -605,6 +609,9 @@ in the distribution process, past the Manifest generation phase. Those |
53 |
files will most likely receive ``IGNORE`` entries and therefore |
54 |
be not suitable to safe use. |
55 |
|
56 |
+The specification permits additional timestamps in sub-Manifest files |
57 |
+for local use. A generic testing tool should ignore them. |
58 |
+ |
59 |
|
60 |
New vs deprecated tags |
61 |
---------------------- |