Ah... Updates to the repositories are an internal implementation decision between the CA, and the repository. None of the current drafts describe updating repositories. They only describe fetching from them.Actually draft-huston-sidr-repos-structure attempted to do precisely thatSection 2 of that document may be a but implicit, but it defines as instance of a publication repository as containing all the signed products of a CA or the signed products of an EE. What is implicit is that neither a CA nor an EE would allow third parties to write to their publication repository. Also note that as these are all signed, foreign objects are detectable by relying parties.
Ok, what I said was poorly worded. I'll rephrase: None of the current drafts specify the mechanisms or protocols used to modify the contents of the repositories.
Rob -- Robert Loomans Email: [EMAIL PROTECTED] Senior Software Engineer, APNIC Phone: +61 7 3858 3100 http://www.apnic.net Fax: +61 7 3858 3199
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
