The CRL publisher could be improved to provide purging policies that work more consistently on full/delta CRLs and on file/LDAP-based CRLs.
The purging policies can be specified in the following parameters:
The purging process should work as follows:
To simplify the purging process, the CRLs should be stored in a way that's easy to distinguish the two CRL types without inspecting the CRL data itself. For example, if it's a file-based publishing, the type can be encoded into the file name (e.g. <timestamp>-full.crl and <timestamp>-delta.crl). If it's LDAP-based publishing, the type can be stored as an attribute (e.g. pkiCRLType=<full|delta>).
Per discussions with edewata: 10.4
Metadata Update from @edewata: - Issue set to the milestone: UNTRIAGED
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2458
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Metadata Update from @dmoluguw: - Issue close_status updated to: migrated - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.