diff options
author | Linus Nordberg <linus@nordberg.se> | 2021-09-07 17:08:24 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus.dahlberg@kau.se> | 2021-10-02 00:54:13 +0200 |
commit | e02151344132f6df09db8a9abb886c763e068ce1 (patch) | |
tree | 9d2a004143dc9e18bbe1627da276208a67eff57d /doc | |
parent | f75998d4b7828b653e6c3127dd1f5f31ee5914a2 (diff) |
don't require Trunnel
Diffstat (limited to 'doc')
-rw-r--r-- | doc/design.md | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/doc/design.md b/doc/design.md index d1ada44..5d23df8 100644 --- a/doc/design.md +++ b/doc/design.md @@ -119,12 +119,13 @@ The only supported hash function is SHA256. Not having any cryptographic agility makes protocols and data formats simpler and more secure. - **Simple (de)serialization parsers:** complex (de)serialization parsers increase attack surfaces and make the system more difficult to use in -constrained environments. A claimant's sigsum statements are serialized using -[Trunnel](https://gitlab.torproject.org/tpo/core/trunnel/-/blob/main/doc/trunnel.md). -A sigsum log's statements are serialized using line-terminated ASCII +constrained environments. A claimant's sigsum statements can be (de)serialized using +[Trunnel](https://gitlab.torproject.org/tpo/core/trunnel/-/blob/main/doc/trunnel.md), +or "by hand" in many modern programming languages. +A sigsum log's statements are serialized as line-terminated ASCII [\[Checkpoint\]](). A sigsum log's HTTP(S) API uses line-terminated ASCII [\[SigsumAPI\]](). -The required parsing is easy to implement yourself. +The required parsing is easy to implement without too much trouble or dependencies. ### 1.4 - Roadmap First we describe our threat model. Then we give a bird's view of the design. |