docs: rewrite README

- Switch from rst to markdown (syntax is just so much easier) - Add honest project description (securesystemslib is for TUF and in-toto). - Remove wordy Overview section. Relevant information about crypto backends, and key types and formats should be documented as part of the API on RTD. - Replace legacy interface snippets in Usage section with link to securesystemslib RTD page. Legacy interfaces have functional replacements in the new Signer API, i.e. CryptoSigner for file-based RSA, ed25519, ecdsa keys, and GPGSigner for GPG keys. Signer API docs are still WIP (see secure-systems-lab#622), but already seem more useful than the legacy docs. And we definitely don't want to encourage anyone to use legacy interfaces. - Shorten installation/testing sections. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
lukpueh · Aug 24, 2023 · db459d0 · db459d0
1 parent 357f4d9
commit db459d0
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 389 deletions.
diff --git a/README.md b/README.md
@@ -0,0 +1,40 @@
+# securesystemslib
+
+[![CI](https://github.com/secure-systems-lab/securesystemslib/workflows/Run%20Securesystemslib%20tests/badge.svg)](https://github.com/secure-systems-lab/securesystemslib/actions?query=workflow%3A%22Run+Securesystemslib+tests%22+branch%3Amain)
+
+A cryptography interface to sign and verify
+[TUF](https://theupdateframework.io) and [in-toto](https://in-toto.io)
+metadata.
+
+## Installation
+
+The default installation supports [pure-Python `ed25519` signature
+verification](https://github.com/pyca/ed25519) only. To enable other schemes and
+signature creation, `securesystemslib` can be installed with *extras*. See
+[pyproject.toml](pyproject.toml) for available *optional dependencies*.
+
+```bash
+# Install with ed25519, RSA, ECDSA sign and verify support
+pip install securesystemslib[crypto]
+```
+
+## Usage
+[python-securesystemslib.readthedocs.io](https://python-securesystemslib.readthedocs.io)
+
+## Contact
+- Questions and discussions:
+ [`#securesystemslib-python`](https://cloud-native.slack.com/archives/C05PF3GA7AL)
+ on [CNCF Slack](https://communityinviter.com/apps/cloud-native/cncf)
+- Security issues: [*Draft a new security
+ advisory*](https://github.com/secure-systems-lab/securesystemslib/security/advisories/new)
+- Other issues and requests: [*Open a new
+ issue*](https://github.com/secure-systems-lab/securesystemslib/issues/new)
+
+## Testing
+`tox` is used for testing. It can be installed via
+[pip](https://tox.wiki/en/4.9.0/installation.html#via-pip) and executed from the
+command line in the root of the repository.
+
+```bash
+tox
+```