Clarify recovery from ffwd on top-level roles

mnm678 · mnm678 · commit 7d1695ec9701 · 2021-02-24T16:38:27.000-08:00
Clarify what files to delete or untrust in various situations to
recover from a fast-forward attack on top-level metadata.
diff --git a/tuf-spec.md b/tuf-spec.md
@@ -1318,16 +1318,28 @@ it in the next step.
   report the potential freeze attack.  On the next update cycle, begin at step
   [[#update-root]] and version N of the root metadata file.
 
-11. **If the timestamp and / or snapshot keys have been rotated, then delete the
-  trusted timestamp and snapshot metadata files.** This is done
-  in order to recover from fast-forward attacks after the repository has been
-  compromised and recovered. A _fast-forward attack_ happens when attackers
-  arbitrarily increase the version numbers of: (1) the timestamp metadata, (2)
-  the snapshot metadata, and / or (3) the targets, or a delegated targets,
-  metadata file in the snapshot metadata. Please see [the Mercury
-  paper](https://theupdateframework.io/papers/prevention-rollback-attacks-atc2017.pdf)
+11. **Fast-forward attack recovery** A _fast-forward attack_ happens
+  when attackers arbitrarily increase the version numbers in any of the
+  timestamp, snapshot, targets, or delegated targets metadata. To recover from
+  fast-forward attacks after the repository has been compromised and recovered,
+  certain metadata files need to be deleted as specified in this section.
+  Please see [the Mercury
+  paper](https://ssl.engineering.nyu.edu/papers/kuppusamy-mercury-usenix-2017.pdf)
   for more details.
 
+    1. **Targets recovery** If a threshold of targets keys are removed
+    from the root metadata, delete the old top-level targets, snapshot, and
+    timestamp metadata files.
+
+    2. **Snapshot recovery** If a threshold of snapshot keys have
+    been removed in the new trusted root metadata compared to the previous
+    trusted root metadata, delete the old snapshot and timestamp metadata
+    files.
+
+    3. **Timestamp recovery** If a threshold of timestamp keys have
+    been removed from the new trusted root metadata compared to the previous
+    trusted root metadata, delete the old timestamp metadata file.
+
 12. **Set whether consistent snapshots are used as per the trusted**
     root metadata file (see [[#file-formats-root]]).
 
