All of these are detectable. On Mon, Mar 3, 2014 at 11:08 AM, Demian Rosenkranz < [email protected]> wrote: > > > ... a CA certificate and all files underneath that certificate, the rp > software WOULDN'T recognize anything. So the whole structure underneath > that certificate would be invalid. >
CA certs are listed by the manifest that sits in the same publication point (directory). In addition, the cert's SIA contains a URI for all of the "children." If the CA cert were present but "all files underneath" were missing, the RP software would at the very least log a failure to fetch the child directory. > > ... a Router certificate, the RP WOULDN'T recognize it, because it isn't > listet in any other file. > A manifest will cover anything in the directory (except itself), so that should include router certs.
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
