Clarify root role update wording

[udf2457]

As presently documented, 5.3.11 is somewhat unclear.

It states:

If the timestamp and / or snapshot keys have been rotated, then delete the trusted timestamp and snapshot metadata files.

But this raises the question of what trusted timestamp and snapshot metadata files ?

The first time "trusted timestamp" or "trusted snapshot" are mentioned in the Spec is later in the document.

So it is therefore unclear on what happens on Day-0 ? i.e. A new client with nothing other than a bundled trusted root.

Is 5.3.11 not applicable in Day-0 scenarios ? Or are we supposed to monitor for such rotations during Day-0 initialisation and bubble up an error or abort ?

(Potentially vaguely related to #240 and/or #235 and/or #186 and/or #71)

[JustinCappos]

During day-0, you wouldn't have old timestamp and snapshot files to delete. So this would be a moot point.

…

On Mon, Jan 20, 2025 at 11:26 AM udf2457 ***@***.***> wrote: As presently documented, 5.3.11 is somewhat unclear. It states: If the timestamp and / or snapshot keys have been rotated, then delete the trusted timestamp and snapshot metadata files. But this raises the question of what trusted timestamp and snapshot metadata files ? The first time "trusted timestamp" or "trusted snapshot" are mentioned in the Spec is later in the document. So it is therefore unclear on what happens on Day-0 ? i.e. A new client with nothing other than a bundled trusted root. Is 5.3.11 not applicable in Day-0 scenarios ? Or are we supposed to monitor for such rotations during Day-0 initialisation and bubble up an error or abort ? — Reply to this email directly, view it on GitHub <#311>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAGROD7XR2VZT3BFDLB76KD2LUPVBAVCNFSM6AAAAABVQXUGZOVHI2DSMVQWIX3LMV43ASLTON2WKOZSG44TSNZYHEZTGNQ> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>