Add details about ffwd attacker goals

Co-Authored-By: Justin Cappos <[email protected]>
Co-Authored-By: Joshua Lock <[email protected]>

Author: 3 people

tuf-spec.md

@@ -1320,12 +1320,15 @@ it in the next step.
 
 11. **Fast-forward attack recovery** A _fast-forward attack_ happens
   when attackers arbitrarily increase the version numbers in any of the
-  timestamp, snapshot, targets, or delegated targets metadata. To recover from
+  timestamp, snapshot, targets, or delegated targets metadata. The attacker goal
+  is to cause clients to refuse to update the metadata later because the attacker's
+  listed metadata version number (possibly MAX_INT) is greater than the new valid 
+  version.  To recover from
   fast-forward attacks after the repository has been compromised and recovered,
   certain metadata files need to be deleted as specified in this section.
   Please see [the Mercury
   paper](https://ssl.engineering.nyu.edu/papers/kuppusamy-mercury-usenix-2017.pdf)
-  for more details.
+  for more details on fast-forward attacks.
 
     1. **Targets recovery** If a threshold of targets keys have been
     removed in the new trusted root metadata compared to the previous trusted