Skip to content

Commit 95aab1b

Browse files
lukpuehtrishankatdatadog
lukpueh
and
trishankatdatadog
committed
Fix client workflow section references
Update references to adopt section and step number changes in: - #116, which added a "persist root metadata" step and thus pushed back the "check freeze attack" step; and in - a recent commit that added the section number as prefix to all steps of the client workflow. Co-authored-by: Trishank Karthik Kuppusamy <[email protected]>
1 parent bf7b0f3 commit 95aab1b

File tree

1 file changed

+15
-15
lines changed

1 file changed

+15
-15
lines changed

tuf-spec.md

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1096,29 +1096,29 @@ repo](https://github.com/theupdateframework/specification/issues).
10961096
kilobytes. The filename used to download the root metadata file is of the
10971097
fixed form VERSION_NUMBER.FILENAME.EXT (e.g., 42.root.json). If this file is
10981098
not available, or we have downloaded more than Y number of root metadata
1099-
files (because the exact number is as yet unknown), then go to step 1.8. The
1100-
value for Y is set by the authors of the application using TUF. For example,
1101-
Y may be 2^10.
1099+
files (because the exact number is as yet unknown), then go to step 5.1.9.
1100+
The value for Y is set by the authors of the application using TUF. For
1101+
example, Y may be 2^10.
11021102

11031103
* **5.1.3. Check for an arbitrary software attack.** Version N+1 of the root
11041104
metadata file MUST have been signed by: (1) a threshold of keys specified in
11051105
the trusted root metadata file (version N), and (2) a threshold of keys
11061106
specified in the new root metadata file being validated (version N+1). If
11071107
version N+1 is not signed as required, discard it, abort the update cycle,
1108-
and report the signature failure. On the next update cycle, begin at step 0
1109-
and version N of the root metadata file.
1108+
and report the signature failure. On the next update cycle, begin at step
1109+
5.0 and version N of the root metadata file.
11101110

11111111
* **5.1.4. Check for a rollback attack.** The version number of the trusted
11121112
root metadata file (version N) MUST be less than or equal to the version
11131113
number of the new root metadata file (version N+1). Effectively, this means
11141114
checking that the version number signed in the new root metadata file is
11151115
indeed N+1. If the version of the new root metadata file is less than the
11161116
trusted metadata file, discard it, abort the update cycle, and report the
1117-
rollback attack. On the next update cycle, begin at step 0 and version N of
1118-
the root metadata file.
1117+
rollback attack. On the next update cycle, begin at step 5.0 and version N
1118+
of the root metadata file.
11191119

11201120
* **5.1.5**. Note that the expiration of the new (intermediate) root metadata
1121-
file does not matter yet, because we will check for it in step 5.1.8.
1121+
file does not matter yet, because we will check for it in step 5.1.9.
11221122

11231123
* **5.1.6**. **Set the trusted root metadata file** to the new root metadata
11241124
file.
@@ -1132,7 +1132,7 @@ repo](https://github.com/theupdateframework/specification/issues).
11321132
lower than the expiration timestamp in the trusted root metadata file
11331133
(version N). If the trusted root metadata file has expired, abort the update
11341134
cycle, report the potential freeze attack. On the next update cycle, begin
1135-
at step 0 and version N of the root metadata file.
1135+
at step 5.0 and version N of the root metadata file.
11361136

11371137
* **5.1.10**. **If the timestamp and / or snapshot keys have been rotated,
11381138
then delete the trusted timestamp and snapshot metadata files.** This is done
@@ -1254,15 +1254,15 @@ snapshot metadata file.
12541254

12551255
* **5.4.5**. **Perform a pre-order depth-first search for metadata about the
12561256
desired target, beginning with the top-level targets role.** Note: If
1257-
any metadata requested in steps 5.4.4.1 - 5.4.4.2.3 cannot be downloaded nor
1257+
any metadata requested in steps 5.4.5.1 - 5.4.5.2 cannot be downloaded nor
12581258
validated, end the search and report that the target cannot be found.
12591259

12601260
* **5.4.5.1**. If this role has been visited before, then skip this role
12611261
(so that cycles in the delegation graph are avoided). Otherwise, if an
12621262
application-specific maximum number of roles have been visited, then go to
1263-
step 5 (so that attackers cannot cause the client to waste excessive
1263+
step 5.5 (so that attackers cannot cause the client to waste excessive
12641264
bandwidth or time). Otherwise, if this role contains metadata about the
1265-
desired target, then go to step 5.
1265+
desired target, then go to step 5.5.
12661266

12671267
* **5.4.5.2**. Otherwise, recursively search the list of delegations in
12681268
order of appearance.
@@ -1273,12 +1273,12 @@ snapshot metadata file.
12731273
the lack of any such metadata).
12741274

12751275
* **5.4.5.2.2**. If the current delegation is a terminating delegation,
1276-
then jump to step 5.
1276+
then jump to step 5.5.
12771277

12781278
* **5.4.5.2.3**. Otherwise, if the current delegation is a
12791279
non-terminating delegation, continue processing the next delegation, if
1280-
any. Stop the search, and jump to step 5 as soon as a delegation returns
1281-
a result.
1280+
any. Stop the search, and jump to step 5.5 as soon as a delegation
1281+
returns a result.
12821282

12831283
**5.5**. **Verify the desired target against its targets metadata**.
12841284

0 commit comments

Comments
 (0)