Jeffrey Haas wrote:
Florian,On Thu, Mar 13, 2008 at 07:59:02PM +0100, Florian Weimer wrote:It's not clear to me if you need rsync's capability for transmitting collections of files.
It is needed.For the major use case, relying parties will need to get all published products of each CA, by walking the certificate hierarchy from the top down.
In each case, the SIA extension of each certificate will point to a repository directory where the certificate's products are published. The relying party needs to retrieve all of those, and repeat...
This is the major advantage of using rsync. When you must sync a large number of files, it is *very* efficient.
What's more it's very efficient over high latency links, and it recovers gracefully if you have to restart because of connection failures, etc.
For our purposes, we just care that we can gather all of the necessary files. This can be as simple as downloading the latest manifest and then fetching all changed files within the manifest. This was one of the reasons I had suggested a "last updated" value for the items in the manifest at the microphone at the SIDR meeting.
That's certainly possible.... assuming the manifest is there. Currently the manifests are optional.
Rob -- Robert Loomans Email: [EMAIL PROTECTED] Senior Software Engineer, APNIC Phone: +61 7 3858 3100 http://www.apnic.net Fax: +61 7 3858 3199
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
