Description
TAP 17 proposes detaching the signature wrapper from the TUF specification, in order to allow using e.g. the Dead Simple Signing Envelope (DSSE) instead of the traditional canonicalisation-based container format. This should be supported by python-tuf, more specifically:
- there should be a low-level metadata API to read, verify, sign and write DSSE envelopes with TUF payloads, and
- ngclient should be able to consume and verify DSSE envelopes with TUF payloads
NOTE: Below "Envelope" means DSSE and "Metadata" means traditional canonicalisation-based metadata container. "Payload" refers to the inner role metadata that can be wrapped by either Envelope or Metadata.
Note on different usage patterns
In the current Metadata API, TUF Payloads are typically wrapped in Metadata throughout their lifetime: users create, or load and deserialise, the entire Metadata object and then interact with the contained Payload. Signature creation and verification happen independently, over a Payload that is canonicalised on the fly.
A deserialised Envelope object, on the other hand, contains the non-deserialised Payload, so that it can verify signatures over the verbatim bytes before deserialising the untrusted Payload. Since no canonicalisation is involved, a Payload cannot reliably be tied back to an existing Envelope and its signatures once it has been deserialised. The user is therefore likely to operate on the Payload alone, discarding the Envelope after signature verification, or creating the Envelope only right before signing.
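The two usage patterns side by side, as an added example that is not python-tuf or securesystemslib code: a minimal DSSE envelope (with the Pre-Authentication Encoding from the DSSE spec) that verifies over the verbatim payload bytes before deserialising, next to a Metadata-style container that re-canonicalises the deserialised payload on the fly. The payload type string, the demo keys and payload, and the use of HMAC-SHA256 as a stand-in for a real asymmetric TUF signature scheme are all assumptions of this example; compact sorted JSON stands in for TUF canonical JSON.

```python
import base64
import hashlib
import hmac
import json

# Assumed payload type string for TUF role metadata (not taken from TAP 17).
TUF_PAYLOAD_TYPE = "application/vnd.tuf+json"


def pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE Pre-Authentication Encoding, the bytes that are actually signed:
    "DSSEv1" SP LEN(type) SP type SP LEN(body) SP body"""
    t = payload_type.encode("utf-8")
    return b" ".join([b"DSSEv1", str(len(t)).encode(), t, str(len(payload)).encode(), payload])


def keyid(key: bytes) -> str:
    return hashlib.sha256(key).hexdigest()


def sign(key: bytes, message: bytes) -> bytes:
    # HMAC-SHA256 is a stand-in for the asymmetric scheme (e.g. Ed25519) a TUF key uses;
    # the wrapper logic below does not depend on the scheme.
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, message), sig)


def canonical(payload: dict) -> bytes:
    # Stand-in for TUF canonical JSON: deterministic bytes for a given object.
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


# --- Envelope pattern: signatures cover the verbatim serialised bytes -------------

def create_envelope(payload_bytes: bytes, keys: dict) -> dict:
    msg = pae(TUF_PAYLOAD_TYPE, payload_bytes)
    return {
        "payloadType": TUF_PAYLOAD_TYPE,
        "payload": base64.b64encode(payload_bytes).decode(),
        "signatures": [{"keyid": kid, "sig": base64.b64encode(sign(k, msg)).decode()}
                       for kid, k in keys.items()],
    }


def verify_envelope(envelope: dict, trusted: dict, threshold: int) -> dict:
    """Check a threshold of signatures over the raw bytes, THEN deserialise them."""
    if envelope["payloadType"] != TUF_PAYLOAD_TYPE:  # refuse type confusion up front
        raise ValueError("unexpected payloadType")
    payload_bytes = base64.b64decode(envelope["payload"])
    msg = pae(envelope["payloadType"], payload_bytes)
    valid = set()  # keyids, so a duplicated signature counts once towards the threshold
    for s in envelope["signatures"]:
        key = trusted.get(s["keyid"])
        if key is not None and verify(key, msg, base64.b64decode(s["sig"])):
            valid.add(s["keyid"])
    if len(valid) < threshold:
        raise ValueError(f"{len(valid)} of {threshold} required signatures valid")
    return json.loads(payload_bytes)  # untrusted bytes are parsed only after verification


# --- Metadata pattern: signatures cover the canonical form of the payload ----------

def create_metadata(signed: dict, keys: dict) -> dict:
    msg = canonical(signed)
    return {"signed": signed,
            "signatures": [{"keyid": kid, "sig": sign(k, msg).hex()} for kid, k in keys.items()]}


def verify_metadata(metadata: dict, trusted: dict, threshold: int) -> dict:
    msg = canonical(metadata["signed"])  # re-canonicalised from the deserialised object
    valid = {s["keyid"] for s in metadata["signatures"]
             if s["keyid"] in trusted and verify(trusted[s["keyid"]], msg, bytes.fromhex(s["sig"]))}
    if len(valid) < threshold:
        raise ValueError(f"{len(valid)} of {threshold} required signatures valid")
    return metadata["signed"]


def demo() -> dict:
    """Why a deserialised Payload cannot be tied back to its Envelope, but can to Metadata."""
    k1, k2 = b"root-key-1", b"root-key-2"  # constructed demo keys
    keys = {keyid(k1): k1, keyid(k2): k2}
    # Constructed timestamp-like payload, serialised with indentation (not canonical).
    payload = json.dumps({"_type": "timestamp", "version": 7, "expires": "2030-01-01T00:00:00Z"},
                         indent=2).encode()
    env = create_envelope(payload, keys)
    signed = verify_envelope(env, keys, threshold=2)

    # Re-serialise the deserialised Payload and reuse the old signatures: the bytes under
    # the PAE differ, so not a single signature verifies any more.
    rewrapped = dict(env, payload=base64.b64encode(canonical(signed)).decode())
    try:
        verify_envelope(rewrapped, keys, threshold=1)
        rewrap_ok = True
    except ValueError:
        rewrap_ok = False

    # The same round trip through a Metadata container is harmless: the verifier
    # re-canonicalises, so whitespace and key order in the file do not matter.
    meta = json.loads(json.dumps(create_metadata(signed, keys), indent=2))
    meta_ok = verify_metadata(meta, keys, threshold=2)["version"] == 7
    return {"version": signed["version"], "rewrapped_envelope_verifies": rewrap_ok,
            "metadata_roundtrip_verifies": meta_ok}
```

The practical consequence for an API: an Envelope verifier hands back the deserialised Payload and nothing else, while a Metadata verifier can keep the container and re-sign or re-verify it later. Checking `payloadType` before signature verification matters because the type string is part of the PAE, so a signature over one payload type must never be accepted as a signature over another.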
References and Related work
- securesystemslib DSSE implementation
- PR: Adopt DSSE in Metadata API (rejected)
PoC of the securesystemslib DSSE implementation, to be usable interchangeably for Metadata and Envelope for tuf and in-toto. It was rejected for being over-engineered, but might still be useful as inspiration or as an anti-example.
- FEATURE: DSSE bridge (not possible)
- PR: Move verify_delegate() to Root/Targets
Not directly related to DSSE, but it detaches the TUF verification implementation from Metadata, and thus paves the way to signature wrapper agnosticism.