On Tue, 26 Aug 2008, Robert Loomans wrote:
> Roque Gagliano wrote:
>> Sandy,
>>>> - ------------------
>>>> 4.1.1
>>>> e. Confirm that all of the objects listed in the downloaded manifest
>>>> have been retrieved.
>>>> - ------------------
>>>>
>>>> What if I have a partial download of the URIs from the manifest? What
>>>> if the successfully downloaded object files match the stored hashes?
>>>
>>> There's a "not" missing in here somewhere, I think. (Successful
>>> download and match of hashes seem like entirely good things.)
>>
>> let me clarified what was trying to say. The question is about the word
>> "all", what if you only succeed on download some of the objects in the
>> manifest.
>
> Details of how to handle various error cases are described in
> draft-ietf-sidr-rpki-manifests. In this case, in section 6.5:
>
>> If there exist files listed on the manifest that do not appear in the
>> repository, then these objects are likely to have been improperly
>> (via malice or accident) deleted from the manifest. A primary
^^^^^^^^
repository?
>> purpose of manifests is to detect such deletions. Therefore, in such
>> a case this situation should result in a warning to the effect that:
>> "The following files that should have been present in the repository
>> at <pub point name>, are missing <file list>. This indicates an
>> attack against this publication point, or the repository, or an error
>> by the publisher."
Yes, this is what I was trying to say - that the stated purpose of the
manifest is to detect missing items, so permitting parital downloads of
the list of objects would be counter to the purpose of the manifest.
IMHO, of course.
--Sandy
>
> Rob
>
> --
> Robert Loomans Email: [EMAIL PROTECTED]
> Senior Software Engineer, APNIC Phone: +61 7 3858 3100
> http://www.apnic.net Fax: +61 7 3858 3199
>
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
