On 03/12/2011 12:15 PM, Cullen Jennings wrote:
>>
>>
>> A.41. Section 10.1 expiration definition
>>
>> I think that it would be a good idea to say that a Node should wait a random
>> time after the expiration time before retrieving the file again from the
>> configuration server to not crash it and to let ConfigUpdate do its job.
>>
>
> Makes sense. I'm going to add the text
>
> The peer SHOULD retrieve a new copy of the configuration at a randomly
> selected time that is before the expiration time.
>
> I'm not all that happy with that text if someone wants to suggest something
> better. It does not tell the implementors what range to select the time over
> but it's not clear we have to be that specific.

One of the reasons to use the expiration value is to force the clients to reload a new version of the configuration document before the root cert expires. For this reason I would suggest to add something like this:

"The expiration time MUST be lower than the highest expiration time of the root certificates listed in the configuration element."

As for the range, I would suggest something like this:

"The node SHOULD start retrieving a new copy at a time randomly selected between the expiration time minus 10 days and the expiration time. If the copy returned is not newer than the current copy, then the node SHOULD retry at a time randomly selected between the time of the previous attempt and the expiration time, until a new copy is received or the expiration date is reached."

-- 
Marc Petit-Huguenin
Personal email: [email protected]
Professional email: [email protected]
Blog: http://blog.marc.petit-huguenin.org

_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
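
The retrieval schedule and the expiration check proposed in the reply above, as an added Python example that is not part of the original message or of the draft under discussion. All function names, the `fetch_is_newer` callback and the dates are hypothetical or constructed for illustration.

```python
import random
from datetime import datetime, timedelta, timezone

REFRESH_WINDOW = timedelta(days=10)  # "expiration time minus 10 days" in the proposed text


def expiration_is_valid(config_expiration, root_cert_expirations):
    """Proposed MUST: expiration is lower than the highest root cert expiration."""
    return config_expiration < max(root_cert_expirations)


def first_attempt(config_expiration, rng):
    """First retrieval time, uniform in [expiration - 10 days, expiration)."""
    start = config_expiration - REFRESH_WINDOW
    return start + (config_expiration - start) * rng.random()


def next_attempt(previous_attempt, config_expiration, rng):
    """Retry time, uniform between the previous attempt and the expiration time."""
    if previous_attempt >= config_expiration:
        return None  # expiration date reached: stop retrying
    return previous_attempt + (config_expiration - previous_attempt) * rng.random()


def refresh_schedule(config_expiration, fetch_is_newer, rng, max_attempts=50):
    """Attempt times until a newer copy arrives or the expiration is reached.

    fetch_is_newer(when) is a hypothetical stand-in for fetching from the
    configuration server and comparing the result with the current copy.
    """
    attempts, when = [], first_attempt(config_expiration, rng)
    while when is not None and len(attempts) < max_attempts:
        attempts.append(when)
        if fetch_is_newer(when):
            break
        when = next_attempt(when, config_expiration, rng)
    return attempts


if __name__ == "__main__":
    expiry = datetime(2011, 4, 1, tzinfo=timezone.utc)            # constructed
    roots = [datetime(2011, 3, 20, tzinfo=timezone.utc),          # constructed
             datetime(2012, 1, 1, tzinfo=timezone.utc)]
    print("expiration valid:", expiration_is_valid(expiry, roots))
    # Server never publishes a newer copy: show how the retries are spaced.
    for t in refresh_schedule(expiry, lambda when: False, random.Random(1), 8):
        print(t.isoformat(), "time left:", expiry - t)
```

Because each retry is drawn from the interval that remains, the expected time left roughly halves per attempt, so a node that keeps receiving a stale copy polls more and more often as the expiration approaches.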
