repository-service-tuf / repository-service-tuf

Umbrella Repository Service for TUF

Feature: Support custom delegated target roles using offline keys

kairoaraujo opened this issue

What is the feature about?

This feature aims to support offline keys for the Targets metadata role. It was proposed by @JustinCappos in the last RSTUF Community Meeting as an easy and quick approach for advanced users. It can also serve as a seed feature for issue #244.

To enable this feature, the user gives the Custom Delegated Role signed with offline keys directly to the RSTUF API. The RSTUF API will submit this role to the RSTUF Worker, and the user will manage it directly.

The initial idea (#244) aims to have the top-level Targets roles with offline keys and support custom delegated roles using offline keys. However, Justin Cappos suggests directly supporting custom delegated roles with offline keys for some use cases, for example, users who want to sign a specific delegated path for each added target artifact.

Services it relates to

repository-service-for-tuf-api, repository-service-for-tuf-worker

Related tasks

No response
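The following is an added example, not part of the original issue and not RSTUF code: a sketch of the acceptance checks a service could run on a delegated role that arrives already signed with offline keys, namely a threshold of distinct authorized signatures and targets that stay inside the delegated paths. The role name `project-a`, the helper names and the sample data are constructed, the metadata layout is a simplified form of TUF targets metadata, and HMAC-SHA256 stands in for a real public-key signature scheme so the block runs with the standard library only.

```python
import fnmatch, hashlib, hmac, json

def canonical(signed):
    # Simplified stand-in for TUF canonical JSON: sorted keys, no whitespace.
    return json.dumps(signed, sort_keys=True, separators=(",", ":")).encode()

def sign(key, signed):
    # ASSUMPTION: HMAC-SHA256 stands in for an offline public-key signature
    # (e.g. Ed25519) so the example needs no third-party library.
    return hmac.new(bytes.fromhex(key["keyval"]), canonical(signed), hashlib.sha256).hexdigest()

def path_in_scope(target, pattern):
    # Match per path segment so "*" never crosses a "/" boundary.
    t, p = target.split("/"), pattern.split("/")
    return len(t) == len(p) and all(fnmatch.fnmatchcase(a, b) for a, b in zip(t, p))

def check_delegated_role(delegations, role_name, metadata):
    """Return reasons to reject the submitted role; an empty list means accept."""
    role = next((r for r in delegations["roles"] if r["name"] == role_name), None)
    if role is None:
        return [f"{role_name}: not delegated by the parent role"]
    errors, valid = [], set()
    for s in metadata["signatures"]:
        key = delegations["keys"].get(s["keyid"])
        if s["keyid"] in role["keyids"] and key and hmac.compare_digest(
                sign(key, metadata["signed"]), s["sig"]):
            valid.add(s["keyid"])  # a set: repeating one signature counts once
    if len(valid) < role["threshold"]:
        errors.append(f"{len(valid)} valid signature(s), threshold is {role['threshold']}")
    for target in metadata["signed"]["targets"]:
        if not any(path_in_scope(target, p) for p in role["paths"]):
            errors.append(f"{target}: outside the delegated paths")
    return errors

# Constructed sample: parent delegation for a hypothetical role "project-a".
KEYS = {"k1": {"keyval": "11" * 32}, "k2": {"keyval": "22" * 32}}
DELEGATIONS = {"keys": KEYS, "roles": [{"name": "project-a", "keyids": ["k1", "k2"],
               "threshold": 2, "paths": ["project-a/*"]}]}
SIGNED = {"_type": "targets", "version": 1, "targets": {"project-a/app-1.0.tar.gz": {}}}

def submit(signed, keyids):
    sigs = [{"keyid": k, "sig": sign(KEYS[k], signed)} for k in keyids]
    return check_delegated_role(DELEGATIONS, "project-a", {"signed": signed, "signatures": sigs})

if __name__ == "__main__":
    print(submit(SIGNED, ["k1", "k2"]))  # two distinct authorized keys
    print(submit(SIGNED, ["k1", "k1"]))  # the same key submitted twice
```
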
