diff options
| author | Rob Austein <sra@hactrn.net> | 2007-12-14 00:55:31 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-12-14 00:55:31 +0000 |
| commit | 423f7891445b06ae639ad994e1fe989e1bbe1e39 (patch) | |
| tree | b007a7c1f5c2c8bbe5b959c2a5b05ecbd1a4b039 | |
| parent | 4bd92fbff3a3f0ae2293d2099254f4b0cd196613 (diff) | |
Update note on revocation on shrink
svn path=/scripts/README; revision=1379
| -rw-r--r-- | scripts/README | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/scripts/README b/scripts/README index 5ff4936c..398f52de 100644 --- a/scripts/README +++ b/scripts/README @@ -66,11 +66,6 @@ Current TO DO list: a "text" portion (the place where "openssl x509 -text" would put a text dump of a cert) showing the wrapped XML. -- Rewrite code that handles revoke on shrink to revoke -all- old - certs for that key, not just most recent. Not certain, but this may - have been the cause of a cert dropping not showing up in the CRL - during testing with APNIC in Vancouver. - - Rewrite hooks that call CRL generation and publication to do so immediately rather than waiting for cron. Batching to handle all of a bunch of events at once would be nice, but start by getting it @@ -98,6 +93,11 @@ Current TO DO list: - Protection against up-down operations specifying a class_name that belongs to some other self context. + - Rewrote code that handles revoke on shrink to revoke -all- old + certs for that key, not just most recent. Not certain, but this + may have been the cause of a cert dropping not showing up in the + CRL during testing with APNIC in Vancouver. + - Implement remaining left-right control booleans -- among other reasons, these are the IRBE triggers for things like key rollover, which we need to test some of the stuff that's already done. |