From e9cd01e18aa08ef340c5da1dc7ed165f5f28e852 Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 11 Jun 2018 16:10:21 -0400 Subject: [PATCH] DOC: Clarify comment on freeze attack test to indicate the source of the freeze issue Signed-off-by: Sebastien Awwad --- tests/test_indefinite_freeze_attack.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/test_indefinite_freeze_attack.py b/tests/test_indefinite_freeze_attack.py index fa239ef5..d404b94d 100755 --- a/tests/test_indefinite_freeze_attack.py +++ b/tests/test_indefinite_freeze_attack.py @@ -407,9 +407,11 @@ def test_with_tuf(self): # # Serve the client expired Snapshot. The client should reject the given, # expired Snapshot and the locally trusted one, which should now be out of - # date. After the attack, attempt to re-issue a valid Snapshot to verify - # that the client is able to recover from the indefinite freeze attack via - # the snapshot metadata. + # date. + # After the attack, attempt to re-issue a valid Snapshot to verify that + # the client is still able to update. A bug previously caused snapshot + # expiration or replay to result in an indefinite freeze; see + # github.com/theupdateframework/tuf/issues/736 repository = repo_tool.load_repository(self.repository_directory) ts_key_file = os.path.join(self.keystore_directory, 'timestamp_key')