From 92f5cbce3bafc6c41b212430e7e48ccd01158f08 Mon Sep 17 00:00:00 2001
From: Joshua Lock <jlock@vmware.com>
Date: Mon, 5 Oct 2020 12:15:24 +0100
Subject: [PATCH] Add repository metadata generation sequence

Specify in which order metadata should be generated and made available on
the repository.

Fixes: #105

Signed-off-by: Joshua Lock <jlock@vmware.com>
---
 tuf-spec.md | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/tuf-spec.md b/tuf-spec.md
index ed163a5..7824784 100644
--- a/tuf-spec.md
+++ b/tuf-spec.md
@@ -1,8 +1,8 @@
 # <p align="center">The Update Framework Specification
 
-Last modified: **30 September 2020**
+Last modified: **06 October 2020**
 
-Version: **1.0.9**
+Version: **1.0.10**
 
 We strive to make the specification easy to implement, so if you come across
 any inconsistencies or experience any difficulty, do let us know by sending an
@@ -462,6 +462,19 @@ repo](https://github.com/theupdateframework/specification/issues).
    Delegated target roles are authorized by the keys listed in the directly
    delegating target role.
 
+* **3.2 Repository metadata creation**
+
+   Metadata SHOULD be generated in the following sequence, in order to ensure
+   that metadata are not referenced in the repository before they have been
+   created.  The below sequence assumes that all targets files referenced by
+   the metadata are available to the repository before the metadata is written.
+
+     * **3.2.1** Sign and write any delegated targets metadata (DELEGATED_ROLE.EXT)
+     * **3.2.2** Sign and write root metadata (root.EXT)
+     * **3.2.3** Sign and write top-level targets metadata (targets.EXT)
+     * **3.2.4** Sign and write snapshot metadata (snapshot.EXT)
+     * **3.2.5** Sign and write timestamp metadata (timestamp.EXT)
+
 ## **4. Document formats**
 
    All of the formats described below include the ability to add more