- TAP 1: TAP Purpose and Guidelines
- TAP 2: TAP template
- TAP 3: Multi-role delegations
- TAP 4: Multiple repository consensus on entrusted targets
- TAP 6: Include specification version in metadata
- TAP 8: Key rotation and explicit self-revocation
- TAP 9: Mandatory metadata signing schemes
- TAP 10: Remove native support for compressed metadata
- TAP 11: Using POUFs for Interoperability
- TAP 12: Improving keyid flexibility
- TAP 15: Succinct hashed bin delegations
- TAP 20: Self-revocation
- TAP 13: User Selection of the Top-Level Target Files Through Mapping Metadata
- TAP 16: Snapshot Merkle Trees
- TAP 17: Remove Signature Wrapper from the TUF Specification
- TAP 18: Ephemeral identity verification using sigstore's Fulcio for TUF developer key management
- TAP 19: Content Addressable Systems and TUF
This work is distributed under the Community Specification License 1.0. Please see LICENSE for more details.
This project is managed by Prof. Justin Cappos and other members of the Secure Systems Lab at NYU.
This material is based upon work supported by the National Science Foundation under Grant Nos. CNS-1345049 and CNS-0959138. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.