From ad7ca140071827e106e96f4d8608bee2df2553ca Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 17 Oct 2007 20:36:46 +0000 Subject: crl notes svn path=/scripts/README; revision=1167 --- scripts/README | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/README b/scripts/README index d4a12ba2..39542d3f 100644 --- a/scripts/README +++ b/scripts/README @@ -21,7 +21,17 @@ To do list: - manifest generation -- publication hooks into everything - need not wait for protocol, can just log what would happen for now +- revocation and crl generation + + - need to keep data on unexpired revoked certs to generate crl + + - ever need to delay revocation of old certs to give their replacements time to propegate? + + these two may imply that we need more fields in child_cert table to indicate whether a cert is dead, + eg, a date field which is NULL if the cert is still live, otherwise is the date after which it should be + in the crl + +- publication hooks everywhere - need not wait for protocol, can just log what would happen for now - cert publication -- cgit v1.2.3