randy/draft-6486bis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sk revises to ensure all objects within ca's pub point

Browse source
This commit is contained in:
Randy Bush 2020-06-24 08:14:09 -07:00
parent 380b5f8583
commit 166c20ddb1
2 changed files with 87 additions and 81 deletions
Download patch file Download diff file Expand all files Collapse all files

12
draft-ymbk-sidrops-6486bis.xml
View file

@ -614,9 +614,15 @@
<t>
For a given publication point, an RP MUST perform a series of
tests to determine which signed object files at the publication
point are acceptable. The tests described below are to be
performed using the manifest identified by the
id-ad-rpkiManifest URI extracted from a CA certificate's SIA.
point are acceptable. The tests described below are to be
performed using themanifest identified by the id-ad-rpkiManifest
URI extracted from a CA certificate's SIA. _All_ of the files
referenced by the manifest MUST be be located at the publication
point specified by the id-ad-caRepositoryURI from the (same)
certificate's SIA. The manifest and the files it references
MUST reside at the same publication point. An RP MUST
ignore any files that appear on a manifest but do not reside as
the same publication point as the manifest.
</t>
<t>