From 7cf7de02132ff398f51287d4098151367d3bc5e7 Mon Sep 17 00:00:00 2001 From: Trishank K Kuppusamy <33133073+trishankatdatadog@users.noreply.github.com> Date: Tue, 18 Jun 2019 18:52:32 -0400 Subject: [PATCH 1/2] Limit on the # of root metadata files downloaded --- tuf-spec.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tuf-spec.md b/tuf-spec.md index a235b13..541cf70 100644 --- a/tuf-spec.md +++ b/tuf-spec.md @@ -1018,7 +1018,8 @@ repo](https://github.com/theupdateframework/specification/issues). by the authors of the application using TUF. For example, X may be tens of kilobytes. The filename used to download the root metadata file is of the fixed form VERSION_NUMBER.FILENAME.EXT (e.g., 42.root.json). If this file is - not available, then go to step 1.8. + not available, or we have downloaded more than Y number of root metadata files, + then go to step 1.8. * **1.3. Check signatures.** Version N+1 of the root metadata file MUST have been signed by: (1) a threshold of keys specified in the trusted root From 50f2f40a29cbf51c03fa226a8ccbafb550fba876 Mon Sep 17 00:00:00 2001 From: Trishank K Kuppusamy <33133073+trishankatdatadog@users.noreply.github.com> Date: Wed, 19 Jun 2019 10:36:07 -0400 Subject: [PATCH 2/2] explain where Y comes from --- tuf-spec.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tuf-spec.md b/tuf-spec.md index 541cf70..b26d3bd 100644 --- a/tuf-spec.md +++ b/tuf-spec.md 
@@ -1018,8 +1018,10 @@ repo](https://github.com/theupdateframework/specification/issues). by the authors of the application using TUF. For example, X may be tens of kilobytes. The filename used to download the root metadata file is of the fixed form VERSION_NUMBER.FILENAME.EXT (e.g., 42.root.json). If this file is - not available, or we have downloaded more than Y number of root metadata files, - then go to step 1.8. + not available, or we have downloaded more than Y number of root metadata files + (because the exact number is as yet unknown), then go to step 1.8. The value + for Y is set by the authors of the application using TUF. For example, Y may + be 2^10. * **1.3. Check signatures.** Version N+1 of the root metadata file MUST have been signed by: (1) a threshold of keys specified in the trusted root
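Review bot: In the PATCH 1/2 hunk for step 1.2, Y is introduced without saying what it is or who sets it, while X in the same sentence is explicitly "set by the authors of the application using TUF"; Y needs the same treatment in the same hunk. The bound is also phrased as a post-condition on the step that performs the download ("or we have downloaded more than Y number of root metadata files"), so as written the client only notices after fetching the (Y+1)th file; state the check before the fetch, for example "If Y root metadata files have already been downloaded in this update cycle, or this file is not available, then go to step 1.8", make clear that the counter is per update cycle, and say that on reaching the limit the client proceeds with the last root it verified, so a large version gap costs an extra update run rather than a failure. "Y number of root metadata files" should simply be "Y root metadata files".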
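Review bot: In the PATCH 2/2 hunk, the parenthetical "(because the exact number is as yet unknown)" reads as if Y itself were unknown, whereas the point is that the client cannot know in advance how many root versions newer than N exist before it starts the 1.2 loop; reword to something like "more than Y root metadata files (the client cannot know in advance how many newer versions exist)", and move it so the condition still reads cleanly up to "then go to step 1.8". The two parameters should also be related to each other: with X in the tens of kilobytes and Y = 2^10, one update cycle may download and check signatures on up to X*Y bytes, on the order of tens of megabytes, so the text should tell application authors to choose Y with that product in mind. Finally, "2^10" next to "tens of kilobytes" in prose reads better as "1024".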