Sandra Murphy wrote: >> Details of how to handle various error cases are described in >> draft-ietf-sidr-rpki-manifests. In this case, in section 6.5: >> >>> If there exist files listed on the manifest that do not appear in the >>> repository, then these objects are likely to have been improperly >>> (via malice or accident) deleted from the manifest. A primary > > ^^^^^^^^ > repository?
I think so :) >>> purpose of manifests is to detect such deletions. Therefore, in such >>> a case this situation should result in a warning to the effect that: >>> "The following files that should have been present in the repository >>> at <pub point name>, are missing <file list>. This indicates an >>> attack against this publication point, or the repository, or an error >>> by the publisher." > > Yes, this is what I was trying to say - that the stated purpose of the > manifest is to detect missing items, so permitting parital downloads of > the list of objects would be counter to the purpose of the manifest. > IMHO, of course. Yes, a partial manifest is useless. You can't validate it. Rob -- Robert Loomans Email: [EMAIL PROTECTED] Senior Software Engineer, APNIC Phone: +61 7 3858 3100 http://www.apnic.net Fax: +61 7 3858 3199
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
