base.txt | issue77.txt | |||
---|---|---|---|---|
skipping to change at page 37, line 8 | skipping to change at page 37, line 8 | |||
options that are not specified to be used with Delegation Chain | options that are not specified to be used with Delegation Chain | |||
Advertisement messages MUST be ignored and the packet processed in | Advertisement messages MUST be ignored and the packet processed in | |||
the normal manner. The only defined options that may appear are the | the normal manner. The only defined options that may appear are the | |||
Certificate and Trust Anchor options. An advertisement that passes | Certificate and Trust Anchor options. An advertisement that passes | |||
the validity checks is called a "valid advertisement". | the validity checks is called a "valid advertisement". | |||
Hosts SHOULD store certificate chains retrieved in Delegation Chain | Hosts SHOULD store certificate chains retrieved in Delegation Chain | |||
Discovery messages if they start from an anchor trusted by the host. | Discovery messages if they start from an anchor trusted by the host. | |||
The certificate chains MUST be verified, as defined in Section 6.1, | The certificate chains MUST be verified, as defined in Section 6.1, | |||
before storing them. Routers MUST send the certificates one by one, | before storing them. Routers MUST send the certificates one by one, | |||
starting from the trust anchor end of the chain. Except for temporary | starting from the trust anchor end of the chain. | |||
purposes to allow for message loss and reordering, hosts SHOULD NOT | ||||
store certificates received in a Delegation Chain Advertisement | Note: except for temporary purposes to allow for message loss and | |||
unless they contain a certificate which can be immediately verified | reordering, hosts might not store certificates received in a | |||
either to the trust anchor or to a certificate that has been verified | Delegation Chain Advertisement unless they contain a certificate | |||
earlier. | which can be immediately verified either to the trust anchor or to a | |||
certificate that has been verified earlier. This measure is to | ||||
prevent Denial-of-Service attacks, whereby an attacker floods a host | ||||
with certificates that the host cannot validate and overwhelms memory | ||||
for certificate storage. | ||||
Note that caching this information and the implied verification | Note that caching this information and the implied verification | |||
results between network attachments for use over multiple attachments | results between network attachments for use over multiple attachments | |||
to the network can help improve performance. But periodic certificate | to the network can help improve performance. But periodic certificate | |||
revocation checks are still needed even with cached results, to make | revocation checks are still needed even with cached results, to make | |||
sure that the certificates are still valid. | sure that the certificates are still valid. | |||
The host has a need to retrieve a delegation chain when a Router | The host has a need to retrieve a delegation chain when a Router | |||
Advertisement has been received with a public key that is not stored | Advertisement has been received with a public key that is not stored | |||
in the hosts' cache of certificates, or there is no authorization | in the hosts' cache of certificates, or there is no authorization | |||
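Review bot: the right-hand column demotes the normative "hosts SHOULD NOT store certificates received in a Delegation Chain Advertisement unless they contain a certificate which can be immediately verified" to a non-normative "Note: ... hosts might not store", which removes the only RFC 2119 language that told implementers to bound certificate storage, while the newly added rationale ("This measure is to prevent Denial-of-Service attacks, whereby an attacker floods a host with certificates that the host cannot validate and overwhelms memory for certificate storage") justifies exactly that requirement. Either keep the requirement inside the Note (for example "hosts SHOULD NOT store certificates received in a Delegation Chain Advertisement unless ...") or record in the change why it is being relaxed; as written, an implementation that stores every received certificate is fully conformant, and the surrounding unchanged requirements ("MUST be verified, as defined in Section 6.1, before storing them"; "Routers MUST send the certificates one by one, starting from the trust anchor end of the chain") do not by themselves limit how much unverifiable material a host keeps under the "temporary purposes" carve-out, whose extent is still unspecified in both columns.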
End of changes. | ||||
This html diff was produced by rfcdiff v1.06, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ |