[riot-notifications] [RIOT-OS/RIOT] suit: Initial minimal CBOR-based SUIT manifest parser (#10315)

Emmanuel Baccelli notifications at github.com
Wed Feb 27 13:26:19 CET 2019


thanks for your vigilance @danpetry 

In  practice, nodes with small micro-controllers such as those targeted by RIOT have no notion of the absolute time on-board.
Two options to solve this issue:
1. assume some upstream computer (e.g. the software update repo) serves manifests only if the timestamp check passes;
2. assume the node can poll a trusted remote server which can indicate the current time;

Both options are out of scope for this PR. 

For the conditionals, I let @bergzand answer ;)

That said: 
- I agree we should indicate in the comments something like "the implementation complies with v1 specification, except BLAH and BLAH to be addressed later";
- this is only a *parser* and not the full process of validation, so upcoming complementary PRs are expected anyhow.

The idea here is to get preliminary building blocks in master, to PR before the IETF104 Hackathon a ready-to-use example of RIOT firmware update using a suit-cbor metadata manifest.
Then at the hackathon, different people could split work to collaborate on next steps (support for more features, upgrade to v4 etc.)

Makes sense?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/10315#issuecomment-467843250
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190227/1fa1dec7/attachment.html>


More information about the notifications mailing list