Clarify checking for freeze attacks on the root metadata file.

theupdateframework · May 31, 2017 · 13cfa2e · 13cfa2e
1 parent c1e72e0
commit 13cfa2e
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/docs/tuf-spec.txt b/docs/tuf-spec.txt
@@ -970,11 +970,17 @@ Version 1.0 (Draft)
  1.5. **Check for a freeze attack.** The latest known time should be lower
  than the expiration timestamp in the current root metadata file.
 
+ 1.5. Note that the expiration of the current (intermediate) root metadata
+ file does not matter yet, because we will check for it in step 1.8.
+
  1.6. Set the previous to the current root metadata file.
 
- 1.7. Repeat steps 1.1 to 1.6.
+ 1.7. Repeat steps 1.1 to 1.7.
+
+ 1.8. **Check for a freeze attack.** The latest known time should be lower
+ than the expiration timestamp in the current root metadata file.
 
- 1.8. **If the the timestamp and / or snapshot keys have been rotated, then
+ 1.9. **If the the timestamp and / or snapshot keys have been rotated, then
  delete the previous timestamp and snapshot metadata files.** This is done
  in order to recover from fast-forward attacks after the repository has been
  compromised and recovered. A _fast-forward attack_ happens when attackers