What about deletion?

svn path=/docs/publication-protocol; revision=1164
author: Rob Austein <sra@hactrn.net> 2007-10-17 17:33:29 +0000
committer: Rob Austein <sra@hactrn.net> 2007-10-17 17:33:29 +0000
commit: b27fa5dadebfa2be4ec83beceda31eb14ec38f77 (patch)
tree: 7e15ff9e8a0c82bd0ed3deb9631dd81436af2f63
parent: 6ce933a32fda56860bc9ca05d2553255a820a635 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/publication-protocol b/docs/publication-protocol
index 9ac46584..74c3c2fb 100644
--- a/docs/publication-protocol
+++ b/docs/publication-protocol
@@ -144,3 +144,11 @@
 ;;; require supplying the cert chain back to some resource trust
 ;;; anchor established as part of the business relationship between
 ;;; requestor and repository operator.
+
+;;; Hmm, the above completely ignores deletion.  Geoff's docs say that
+;;; when a resource class disappears we're supposed to withdraw all
+;;; certs, CRLs, and manifests associated with that resource class
+;;; from the publication point.  Strictly speaking, this isn't
+;;; necessary, since the parent has presumably CRLed the subtree in
+;;; question, but it'd be polite to relying parties, to avoid wasting
+;;; their time.
author	Rob Austein <sra@hactrn.net>	2007-10-17 17:33:29 +0000
committer	Rob Austein <sra@hactrn.net>	2007-10-17 17:33:29 +0000
commit	b27fa5dadebfa2be4ec83beceda31eb14ec38f77 (patch)
tree	7e15ff9e8a0c82bd0ed3deb9631dd81436af2f63
parent	6ce933a32fda56860bc9ca05d2553255a820a635 (diff)