When a delegation's key is changed, but not the delegated target, the delegation's role metadata file is is not resigned. (Only the delegator requires resigning).
Expected behaviour:
Both the delegator and the delegation's metadata is resigned. As the delegation's role metadata is signed with the previous key, it won't be verified properly as that key is not a valid signer in the updated delegator's version.
Observed behaviour:
When a delegation's key is changed, but not the delegated target, the delegation's role metadata file is is not resigned. (Only the delegator requires resigning).
Expected behaviour:
Both the delegator and the delegation's metadata is resigned. As the delegation's role metadata is signed with the previous key, it won't be verified properly as that key is not a valid signer in the updated delegator's version.