author | Rob Austein <sra@hactrn.net> | 2007-05-09 17:46:35 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2007-05-09 17:46:35 +0000 |
commit | 5744f3094ef39e2fc2ace72da3d198833878cb36 (patch) | |
tree | 194f3970d936eb97ab9569d78d619434ff2add47 | |
parent | 29058ca618dc41319cdca14ddb0a72f769c7550d (diff) |
Add notes about signed manifest.
svn path=/docs/publication-protocol; revision=598
-rw-r--r-- | docs/publication-protocol | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/docs/publication-protocol b/docs/publication-protocol index 02c2eba6..9ac46584 100644 --- a/docs/publication-protocol +++ b/docs/publication-protocol @@ -111,18 +111,29 @@ ;;; be proven is that publication client A is not stepping on ;;; publication client B even when B is A's parent. - - +;;; Signed manifests must be supplied by the RE, as they must be +;;; signed by an EE cert issued by the CA that issues (or signs, in +;;; the case of non-cert objects) everything else in the SIA +;;; collection. This EE cert should probably just use the RFC 3779 +;;; inherit bits as an easy way of inheriting all the resources of the +;;; CA cert. So the publication operation supplies exactly one new +;;; manifest and zero or more other objects; everything in the +;;; publication PDU is published as an atomic operation, ie, if any of +;;; it can't be published, none of it is published. (publish-thing :publication-uri uri-of-thing-we-are-publishing - :signed-thing signed-thing :credential-certs (cert ....) - :thing-type :crl) + :manifest manifest + (:thing crl1 :thing-type :crl) + (:thing cert1 :thing-type :cert) + (:thing cert2 :thing-type :cert) + ... ...) => () -;;; signed-thing is an object (certificate, CRL, ROA) signed by the -;;; private key associated with a resource certificate held by the -;;; entity sending the (publish-thing) request. +;;; thing is an object (certificate, CRL, ROA) signed by the private +;;; key associated with a resource certificate held by the entity +;;; sending the (publish-thing) request. :thing-type may not be +;;; strictly necessary. ;;; ;;; credential-certs is a set of whatever resource certificates are ;;; needed to demonstrate to the repository engine that the entity 
@@ -133,6 +144,3 @@ ;;; require supplying the cert chain back to some resource trust ;;; anchor established as part of the business relationship between ;;; requestor and repository operator. -;;; -;;; Thing type...was present in a previous version of this protocol. -;;; I'm not sure we need it, am not sure we don't. |
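Review bot: in the first hunk (@@ -111,18 +111,29 @@), the new (publish-thing) form still takes a single ":publication-uri uri-of-thing-we-are-publishing" although the request now carries a manifest plus any number of "(:thing ... :thing-type ...)" entries, so the notes no longer say where each object is published. Either give each thing its own URI or state that the URI now names the SIA collection as a whole. The added comment also promises all-or-nothing publication, but the result shown is still "=> ()"; the notes should say how a request that was rejected in full is reported back to the client. Lastly, "RE" in "Signed manifests must be supplied by the RE" is not expanded in the lines shown, and the retained text a few lines further down uses "repository engine" for the receiving side, so a reader can take RE to mean the repository; spell the term out on first use.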
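Review bot: in the second hunk (@@ -133,6 +144,3 @@), deleting the "Thing type..." paragraph removes the only statement that the field was present in a previous version of the protocol, while the question it raised is still open: the first hunk now says :thing-type "may not be strictly necessary". Suggest keeping one line of that history next to the new sentence, or marking it as an open issue so it gets settled rather than carried forward as a hedge.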