This is the current thinking for the first implementation about:
How to retrieve each repair BRAND-ID/REPAIR-ID, HTTPS vs HTTP
- Try to retrieve the headers only (as JSON) over HTTPS at:
  https://api.snapcraft.io/v2/repairs/BRAND-ID/REPAIR-ID
- Filter whether it’s applicable or not (recording information and decision if not)
- If applicable retrieve and verify the full repair (as application/x.ubuntu.assertion) also over HTTPS
When doing HTTPS, verify certificates against a time given by max(sys-time, time-lower-bound) (at least in case we got an error about time validity of the cert (not valid yet)), where time-lower-bound is obtained by considering the max of:
- image creation time (timestamp of seed.yaml for example)
- server reported time of previous successful HTTPS requests
- timestamp of valid retrieved repairs
- possibly time lower bound as kept by snapd itself
If HTTPS still fails (for TLS-related reasons), try again from scratch, retrieving the full repair over HTTP.
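
A sketch of the max(sys-time, time-lower-bound) rule in Go, added here as an illustration and not taken from snapd's own code. The helper names (`latest`, `verificationTime`, `serverTime`, `newHTTPSClient`) and the sample timestamps are assumptions; `tls.Config.Time` is the standard-library hook that sets the clock used for certificate validity checks.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"time"
)

// latest returns the max of the given timestamps; zero values (a source that is unavailable) never win.
func latest(ts ...time.Time) time.Time {
	var m time.Time
	for _, t := range ts {
		if t.After(m) {
			m = t
		}
	}
	return m
}

// verificationTime implements max(sys-time, time-lower-bound).
func verificationTime(sysTime, lowerBound time.Time) time.Time {
	return latest(sysTime, lowerBound)
}

// serverTime reads the Date header of a successful HTTPS response as a lower-bound candidate.
func serverTime(h http.Header) time.Time {
	t, err := http.ParseTime(h.Get("Date"))
	if err != nil {
		return time.Time{} // absent or malformed: contributes nothing
	}
	return t
}

// newHTTPSClient checks certificate validity periods against clock() instead of the raw system clock.
func newHTTPSClient(clock func() time.Time) *http.Client {
	tr := &http.Transport{TLSClientConfig: &tls.Config{Time: clock}}
	return &http.Client{Transport: tr, Timeout: 30 * time.Second}
}

func main() {
	// Constructed sample: device clock reset to 1970, image (seed.yaml) built in 2017.
	seed := time.Date(2017, 3, 1, 12, 0, 0, 0, time.UTC)
	lb := latest(seed)
	_ = newHTTPSClient(func() time.Time { return verificationTime(time.Now(), lb) })
	fmt.Println(verificationTime(time.Unix(300, 0).UTC(), lb))
}
```

Because the bound is a max over its inputs, it only ever moves forward, so every candidate fed into it should come from a source that has already been validated (a successful HTTPS response, a verified repair).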