For TBB 3.0, we should use the Firefox updater. We should audit the Firefox updater for issues, and triage which of Thandy's features we should merge to it. (For example, we might want to sign the metadata file if it isn't signed; timestamp it if it isn't timestamped, add multiple-signature support, and so on.) [1]
That sounds like reinventing the wheel.
Thandy was a good research platform, not a long-term piece of software we want to support. [1]
Why not use its predecessor, TUF? [2] [3]
TUF is written in Python, and after all those years, TUF developers are still maintaining it and actively developing it. I think in the future TUF will become a mature and widespread solution. Also, work is being done to let pip (the Python library installer) internally use TUF. So it can't be so bad after all?
If you have discussed this and have reasons for rejecting it, fine. I just wanted to throw it in, because I think basing this feature on another active project (TUF) works better than reinventing the wheel.
[1] Commenting on: https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeet...
[2] https://www.updateframework.com/
[3] https://github.com/theupdateframework/tuf