docs: cryptographic compromises specification

specification/cross-repository-timestamp.md

@@ -172,16 +172,44 @@ indicate malicious activity or a compromise of a trusted party. In such rare cas
 resolution may require out-of-band communication or other manual intervention.
 
 
-
-## Periodically Timestamping Digital Repositories
-
-
-
+## Addressing Compromises in Cryptographic Algorithms
+
+Another problem that we can expect to face when dealing with such a long period of time
+is discovery of vulnerabilities of asymmetric cryptographic algorithms that we are using
+today. To illustrate, consider a scenario where keys of a digital law repository were
+generated in 2020 using a specific key generation method, referred to as method X.
+A decade later, after numerous updates were published and signed, a security flaw is
+found in key generation method X. So, let's assume that the first 1000 commits contain
+metadata files that were signed using these old keys, which can now be decrypted. TUF
+handles the key rotation so that the 1001st and all subsequent commits are secure.
+If the governments are still maintaining their repository, they will perform
+the key rotation. However, it is vital that the attesting institutions then update
+the out-of-band commit they are storing. If the initial commit, or some other commit
+out of the top 1000 was still listed as verified, there would be no way to differentiate
+between the actual repository, maintained by the government, and its fork which
+exploits the newly found cryptographic vulnerability.
+
+
+In considering the long-term implications of digital law repositories, it’s essential to
+acknowledge the potential vulnerabilities in the asymmetric cryptographic algorithms we
+currently rely on. Take, for example, a digital law repository where the keys were
+generated in 2020 using a specific key generation method, denoted as method X. Fast
+forward a decade, numerous updates of the digital law have been made, and a security flaw
+is discovered in method X. This flaw potentially compromises the first 1000 commits, as
+they were signed with keys generated by the now vulnerable method X.
+
+TUF is designed to handle key rotation effectively, ensuring that from the 1001st commit
+onwards, all transactions are secure. However, this situation necessitates prompt action from the attesting institutions. They promptly update the out-of-band commit data they hold.
+If any of the first 1000 commits are still marked as verified, it becomes impossible to
+distinguish between the genuine government-maintained repository and a fork that might
+exploit the discovered cryptographic vulnerability. It is, therefore, imperative for attesting institutions to act swiftly and update their records to reflect the changes and maintain the trustworthiness of the digital law repository.
+
+n the event that a government ceases to maintain its digital law repository, attesting institutions can take a proactive role to ensure the ongoing security and authenticity of the repository. Similar to addressing vulnerabilities in hashing algorithms, these institutions can use their own secure keys to sign the metadata. In this case, recalculating hashes would not be necessary. The institutions' signatures serve as a seal of trust and authenticity, providing users with the assurance they need to confidently access and rely on the legal data.
 
 
 ## Example
 
-Let's say the following:
+Let's say the following:y
 
 - City of San Mateo, City of Baltimore, and District of Columbia all manage their own repositories, each containing their respective laws and legal documents.
 - University of Wisconsin Law Library and University of New York Law Library, acting as secondary, validating entities, clone the aforementioned repositories, perform out-of-band authentication to ensure validity, and then create their respective repositories.