Add more text describing threshold computation
Add some additional text to each "Check for an arbitrary software attack" section describing threshold computation, in an attempt to help TUF implementers avoid falling into the trap of a naive implementation of threshold counting resulting in incorrect, security-affecting behaviour.
Further enhance this guidance by recommending, in "File formats", that the signatures list only contain one signature per keyid.
This kind of detail will be easier to add in a much clearer way once we rewrite the workflow to call out to subsections (https://github.com/theupdateframework/specification/issues/121); however, I wanted to add this information as soon as possible because we continue to see implementers falling into the same trap:
- Incorrect threshold signature computation in the reference implementation.
- Incorrect threshold signature computation for new root metadata in the reference implementation.
- Improper uniqueness verification of signature threshold in Tough.
- Deduplicate signatures with the same key_id in rust-tuf.
- Fix duplicate signature validation in aktualizer (an Uptane implementation).
- Only consider the count of valid keys to verify thresholds in go-tuf.
- Incorrect threshold signature computation in php-tuf.
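To illustrate the trap the description refers to, here is an added example (not the specification's text nor any of the implementations listed above) contrasting a naive signature count with the counting rule the PR recommends: only distinct keyids that are authorised for the role and whose signature verifies contribute to the threshold. Signature verification is stood in by HMAC-SHA256 with constructed keys so the example runs offline; real TUF uses ed25519, ECDSA or RSA, but the counting logic is unchanged.

```python
"""Threshold counting for TUF-style signed metadata (added example)."""
import hashlib
import hmac

# Constructed keys: keyid -> secret (stand-in for a role's public keys).
KEYS = {"k1": b"secret-1", "k2": b"secret-2", "k3": b"secret-3"}
# Constructed canonical payload standing in for the signed metadata bytes.
PAYLOAD = b'{"_type": "root", "version": 1}'


def sign(keyid: str, payload: bytes) -> dict:
    """Produce a TUF-like signature object {"keyid": ..., "sig": ...}."""
    mac = hmac.new(KEYS[keyid], payload, hashlib.sha256).hexdigest()
    return {"keyid": keyid, "sig": mac}


def verify_sig(keyid: str, sig: str, payload: bytes) -> bool:
    """Stand-in for public-key signature verification."""
    key = KEYS.get(keyid)
    if key is None:
        return False
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig)


def naive_count(signatures: list, role_keyids: set, payload: bytes) -> int:
    """The trap: every valid signature counts, so one key signing twice
    satisfies a threshold of two on its own."""
    return sum(1 for s in signatures
               if s["keyid"] in role_keyids
               and verify_sig(s["keyid"], s["sig"], payload))


def count_unique_valid(signatures: list, role_keyids: set, payload: bytes) -> int:
    """Correct: count distinct keyids that are authorised for the role and
    whose signature verifies. Duplicates, unknown keys and bad signatures
    never add to the count."""
    seen = set()
    for s in signatures:
        kid = s["keyid"]
        if kid in seen or kid not in role_keyids:
            continue
        if verify_sig(kid, s["sig"], payload):
            seen.add(kid)
    return len(seen)


def meets_threshold(signatures: list, role_keyids: set, threshold: int, payload: bytes) -> bool:
    return count_unique_valid(signatures, role_keyids, payload) >= threshold


def has_duplicate_keyids(signatures: list) -> bool:
    """"File formats" recommendation: at most one signature per keyid."""
    keyids = [s["keyid"] for s in signatures]
    return len(keyids) != len(set(keyids))
```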
Rebased on the latest master with a new version and date added. Please take a look @trishankatdatadog @mnm678
Almost two years later!? 🙊 I've managed to add some more text in an attempt to address @trishankatdatadog's concerns. I rebased on the latest changes and updated version and date.
With the current version and date in the commit this PR SHOULD follow #272
I'd love to get this PR off my backlog, any chance of some reviews @trishankatdatadog, @mnm678 and @lukpueh?