It is probably not helpful for Timestamp to list Snapshot's hash

Timestamp and Root are likely to be the two most-downloaded files on a repository. Currently, Timestamp lists information for Snapshot in a different way than Snapshot lists information for Targets and delegated targets files: timestamp lists the hash of snapshot in addition to the version number of snapshot. It is not clear that this is actually useful.

The costs to this are a few:
- It adds size to the timestamp role file (one hash where timestamp would otherwise not contain hashes)
- It makes the timestamp role file a little harder to read and understand.
- It makes conceptually reconciling timestamp and snapshot definitions a bit harder for implementers / new folks.
- It requires a bulkier and less intuitive programmatic representation (in formats.py and tuf_metadata_definitions.asn1).

[Snapshot definition](https://github.com/theupdateframework/specification/blame/f5a6f00a2a5d8c4b05e24bbe5de718aa09da167c/tuf-spec.md#L690-L711)
[Timestamp definition](https://github.com/theupdateframework/specification/blame/f5a6f00a2a5d8c4b05e24bbe5de718aa09da167c/tuf-spec.md#L905-L953)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

It is probably not helpful for Timestamp to list Snapshot's hash #28

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

It is probably not helpful for Timestamp to list Snapshot's hash #28

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions