wiki:SecureUpdates-2Q10-status

Version 3 (modified by Vic Thomas, 14 years ago) (diff)

--

Technical Status Report for Secure Updates project

Period: April through June 2010

PI: Justin Cappos

1. Major accomplishments

A. Milestones achieved

N/A

B. Deliverables made

May 30, 2010 1f) Demonstrate push mechanism that provides security metadata to the repository library.

sent to Vic Thomas on May 29th

May 30, 2010 1g) Make available the code for example client software update system implementation using the client library.

sent to Vic Thomas on May 29th

Jun 2?, 2010 UW ARRA report

Sent to Melody on June 1st
Submitted by Julie on June 9th

2. Description of work performed during last quarter

A. Activities and findings

We constructed a push mechanism for securely adding developer updates to a repository. We also constructed an example software update system using TUF.

B. Project participants

Justin Cappos (PI)
Justin Samuel (Programmer)
Geremy Condra (Programmer)

C. Publications (individual and organizational)

We received notification of acceptance of a paper on TUF in Computer and Communications Security (CCS) 2010.

D. Outreach activities

None

E. Collaborations

We had detailed discussion with PyPI developers about integration. We built a proof-of- concept integration with PyPI and easyinstall. At this point and time, production integration does not seem to be a wise investment of time.

We continued preliminary discussions with the Raven and Tor developers about integration. The Seattle project agreed to use the TUF updater in its next release.

F. Other Contributions

None