Skip to content

Commit

Permalink
docs: update design description
Browse files Browse the repository at this point in the history 
Signed-off-by: junczhu <[email protected]>
  • Loading branch information
@junczhu
junczhu committed Sep 19, 2024
1 parent 12dfc2c commit b0a0341
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions docs/proposals/Certificate Revocation Lists.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,21 @@ A CRL is considered expired if the current date is after the `NextUpdate` field
![image](../img/CRL/CRL-workflow.png)


Ratify Verification Request Path:

Step 1: Apply the CRs including certs and CRL config
Step 2: Load CRLs from cert provided URLs
Step 3: Trigger Refresh Monitor and set up refresh schedule
Step 4: Start verify task
Step 5: Load trust policy
Step 6: Load CRL cache

CRL Handler:

Step 1: Load cert URLs
Step 2: Download CRL
Step 3: Trigger Refresh Monitor, refresh monitor is `time` pkg based.

### Cache Content Design


Expand Down

0 comments on commit b0a0341

Please sign in to comment.