Skip to content

Commit

Permalink
refer to bins roles as bin-n
Browse files Browse the repository at this point in the history
  • Loading branch information
@mnm678 @lukpueh
mnm678 authored and lukpueh committed Oct 10, 2019
1 parent dfb86e6 commit 8e30797
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pep-0458.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -400,7 +400,7 @@ not have any of the keys required to sign for projects. However, it does not
protect projects from attackers who have compromised PyPI, since attackers can
manipulate TUF metadata using the keys stored online.

This PEP proposes that the *bins* role's delegated roles sign for all
This PEP proposes that the *bin-n* roles sign for all
PyPI projects with online keys. The *targets* role, which only signs with an
offline key, MUST delegate all PyPI projects to the *bins* role. This means
that when a package manager such as pip (i.e., using TUF) downloads a
Expand Down

0 comments on commit 8e30797

Please sign in to comment.