@@ -1189,10 +1189,10 @@ the timestamp metadata file. In either case, the client MUST write the file to
11891189non-volatile storage as FILENAME.EXT.
11901190
11911191 * ** 3.1** . ** Check against timestamp role's snapshot hash.** The hashes
1192- number of the new snapshot metadata file MUST match the hashes (if any)
1193- listed in the trusted timestamp metadata. If hashes and do not match,
1194- discard the new snapshot metadata, abort the update cycle, and report the
1195- failure.
1192+ of the new snapshot metadata file MUST match the hashes listed in the trusted
1193+ timestamp metadata. This is done, in part, to prevent a mix-and- match
1194+ attack by man-in- the-middle attackers. If the hashes do not match, discard
1195+ the new snapshot metadata, abort the update cycle, and report the failure.
11961196
11971197 * ** 3.2** . ** Check signatures.** The new snapshot metadata file MUST have
11981198 been signed by a threshold of keys specified in the trusted root metadata
@@ -1201,8 +1201,8 @@ non-volatile storage as FILENAME.EXT.
12011201
12021202 * ** 3.3** . ** Check against timestamp role's snapshot version.** The version
12031203 number of the new snapshot metadata file MUST match the version number listed
1204- in the trusted timestamp metadata. If version version do not match, discard
1205- the new snapshot metadata, abort the update cycle, and report the failure.
1204+ in the trusted timestamp metadata. If the versions do not match, discard the
1205+ new snapshot metadata, abort the update cycle, and report the failure.
12061206
12071207 * ** 3.4** . ** Check for a rollback attack.**
12081208
@@ -1214,7 +1214,7 @@ non-volatile storage as FILENAME.EXT.
12141214
12151215 * ** 3.4.2** . The version number of the targets metadata file, and all
12161216 delegated targets metadata files (if any), in the trusted snapshot metadata
1217- file, if any, MUST be less than or equal to its version number in the new
1217+ file, if any, MUST be less than: or equal to its version number in the new
12181218 snapshot metadata file. Furthermore, any targets metadata filename that was
12191219 listed in the trusted snapshot metadata file, if any, MUST continue to be
12201220 listed in the new snapshot metadata file. If any of these conditions are
@@ -1242,7 +1242,8 @@ non-volatile storage as FILENAME.EXT.
12421242 of the new targets metadata file MUST match the hashes (if any) listed in the
12431243 trusted snapshot metadata. This is done, in part, to prevent a mix-and-match
12441244 attack by man-in-the-middle attackers. If the new targets metadata file does
1245- not match, discard it, abort the update cycle, and report the failure.
1245+ not match, discard the new target metadata, abort the update cycle, and
1246+ report the failure.
12461247
12471248 * ** 4.2** . ** Check for an arbitrary software attack.** The new targets
12481249 metadata file MUST have been signed by a threshold of keys specified in the
@@ -1251,10 +1252,8 @@ non-volatile storage as FILENAME.EXT.
12511252
12521253 * ** 4.3** . ** Check against snapshot role's targets version.** The version
12531254 number of the new targets metadata file MUST match the version number listed
1254- in the trusted snapshot metadata. This is done, in part, to prevent a
1255- mix-and-match attack by man-in-the-middle attackers. If the new targets
1256- metadata file does not match, discard it, abort the update cycle, and report
1257- the failure.
1255+ in the trusted snapshot metadata. If the versions do not match, discard it,
1256+ abort the update cycle, and report the failure.
12581257
12591258 * ** 4.4** . ** Check for a freeze attack.** The latest known time should be
12601259 lower than the expiration timestamp in the new targets metadata file. If so,
0 commit comments