ngclient: skipping visited roles

[jku]

spec says (for each role in delegation tree):

If this role has been visited before, then skip this role

ngclient does:

if (role_name, parent_role) in visited_role_names:
    logger.debug("Skipping visited current role %s", role_name)
    continue

So it only skips if role has been visited from same parent. If there is a good reason for allowing the same role multiple times in the delegation tree (against the spec), it should be documented somehow. Alternatively we should do what the spec says and make visited_role_names just a set of role names (and not a set of tuple)...

Pinging @sechkova for comment: there's probably a reason ngclient does this (considering legacy client does not do this), happen to remember what it is?

[jku]

I guess the reasons are related to this theupdateframework/specification#177

Still, IMO the spec seems clear on what the requirements are now: a role can only be in a specific delegation tree traversal once by specification. So we should have at least comment explaining the reason for not doing that.

[sechkova]

Pinging @sechkova for comment: there's probably a reason ngclient does this (considering legacy client does not do this), happen to remember what it is?

From what I remember, the only reason was a different reading of the spec. The author of theupdateframework/specification#177 has very well described the possible interpretations.
Given that skipping "role" is simpler and there seems to be an agreement that it is a correct way of implementing it, I am not against doing the change.

[avelichka]

Could you please assign that to me ;)

[sechkova]

Let's do as the old client does and skip a role (node on the delegations graph) without considering its parent.
As discussed in theupdateframework/specification#177 this is

• the literal reading of the specification
• the simpler and practical solution for single-role delegations and python-tuf does not support multi-role delegations at this point.

[ivanayov]

Can I take this?