Commit c2aa515

check for ffwd attack during preorder DFS
1 parent a3849f2 commit c2aa515

1 file changed

+13
-13
lines changed

tuf-spec.md

Lines changed: 13 additions & 13 deletions
@@ -1126,8 +1126,8 @@ repo](https://github.com/theupdateframework/specification/issues).
11261126
for more details.
11271127

11281128
* **1.9.1**. **Targets recovery** If a threshold of targets keys are removed
1129-
from the root metadata, delete the old targets, snapshot, and timestamp
1130-
metadata files.
1129+
from the root metadata, delete the old top-level targets, snapshot, and
1130+
timestamp metadata files.
11311131

11321132
* **1.9.2**. **Snapshot recovery** If a threshold of snapshot keys are
11331133
removed from the root metadata, delete the old snapshot and timestamp
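Review bot: With 1.9.1 now scoped to "the old top-level targets" metadata, this step no longer covers delegated targets metadata, and a reader of the key-recovery section alone cannot tell that those files are handled elsewhere. Suggest adding a short cross-reference from 1.9.1 to the fast-forward recovery step in the delegation search (numbered 4.5.2.1 in this commit) so the two recovery paths are linked.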
@@ -1244,35 +1244,35 @@ non-volatile storage as FILENAME.EXT.
12441244
the new targets metadata file is expired, discard it, abort the update cycle,
12451245
and report the potential freeze attack.
12461246

1247-
* **4.5**. **Fast-forward attack recovery** If a threshold of delegated
1248-
targets keys for a role are removed from the delegating targets metadata,
1249-
delete the old delegated targets metadata for that role along with the
1250-
snapshot and timestamp metadata.
1251-
1252-
* **4.6**. **Perform a preorder depth-first search for metadata about the
1247+
* **4.5**. **Perform a preorder depth-first search for metadata about the
12531248
desired target, beginning with the top-level targets role.** Note: If
12541249
any metadata requested in steps 4.4.1 - 4.4.2.3 cannot be downloaded nor
12551250
validated, end the search and report that the target cannot be found.
12561251

1257-
* **4.6.1**. If this role has been visited before, then skip this role (so
1252+
* **4.5.1**. If this role has been visited before, then skip this role (so
12581253
that cycles in the delegation graph are avoided). Otherwise, if an
12591254
application-specific maximum number of roles have been visited, then go to
12601255
step 5 (so that attackers cannot cause the client to waste excessive
12611256
bandwidth or time). Otherwise, if this role contains metadata about the
12621257
desired target, then go to step 5.
12631258

1264-
* **4.6.2**. Otherwise, recursively search the list of delegations in order
1259+
* **4.5.2**. Otherwise, recursively search the list of delegations in order
12651260
of appearance.
12661261

1267-
* **4.6.2.1**. If the current delegation is a multi-role delegation,
1262+
* **4.5.2.1**. **Fast-forward attack recovery** If a threshold of
1263+
delegated targets keys for the current delegation are removed from the
1264+
delegating targets metadata, delete the old delegated targets metadata for
1265+
the current delegation along with the snapshot and timestamp metadata.
1266+
1267+
* **4.5.2.1**. If the current delegation is a multi-role delegation,
12681268
recursively visit each role, and check that each has signed exactly the
12691269
same non-custom metadata (i.e., length and hashes) about the target (or
12701270
the lack of any such metadata).
12711271

1272-
* **4.6.2.2**. If the current delegation is a terminating delegation,
1272+
* **4.5.2.2**. If the current delegation is a terminating delegation,
12731273
then jump to step 5.
12741274

1275-
* **4.6.2.3**. Otherwise, if the current delegation is a non-terminating
1275+
* **4.5.2.3**. Otherwise, if the current delegation is a non-terminating
12761276
delegation, continue processing the next delegation, if any. Stop the
12771277
search, and jump to step 5 as soon as a delegation returns a result.
12781278
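Review bot: The step number **4.5.2.1** is used twice under 4.5.2: once for the new "Fast-forward attack recovery" item and again for the multi-role delegation item that follows it. Renumber the later items to 4.5.2.2 (multi-role), 4.5.2.3 (terminating) and 4.5.2.4 (non-terminating) so each step can be cited unambiguously. Separately, the note under 4.5 still refers to "steps 4.4.1 - 4.4.2.3", which does not match the 4.5.x numbering of the search steps and is worth correcting while the numbers are being touched. The new recovery step also does not say what the key removal is measured against (presumably the previously trusted version of the delegating targets metadata); stating that would make the check implementable.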
