Closed bluesteens closed 1 year ago
NFR007 says, "Cached data SHALL be valid no longer than 48 hours." Would this be considered the max cap, even in catastrophic circumstances?
P&A mtg Sep 7: 24 h shall be overall max. caching time. new error code to be developed that says that revocation reg could not be accessed, suggest alt. verification method. if TP customer has instructed VRS that VC are optional, affected PIV interaction will pass; if VC are set to mandatory, the PIV interaction will fail.
2023-09-28: P&A approval to merge #75
Steering, Oct 9: remove "Credential revocation data SHALL not be older than 24 hours." - then publish
Steering: Proposal Summary
Following technical review, the option to allow for revocation data to be older than 24 h under exceptional circumstances has been challenged.
#
Steering: Publication Summary
Used to present completed work to Steering for approval to publish.
Discuss the work that was completed in reference to the above proposal. Include any differences from the proposal and why.
use [GitHub Preview](https://htmlpreview.github.io/) to show final state of documents along with pull requests (if needed).
#Detailed Description: orig ticket proposal: The PR contains several typo and minor language edits. The main point, however, is the challenge of allowing revocation data to be older than 24 h under exceptional circumstances. It is proposed to be strict and limit to 24 h at all times. See review comment
P&A call Aug 10: What happens if revocation list not available due to exceptional/catastrophic circumstances? We could tighten up the wording, but should leave room for using older cache. Consider adding control method requirement to check when revocation list is back online. Ties into issue https://github.com/orgs/Open-Credentialing-Initiative/projects/2?pane=issue&itemId=21168468
Triage:
Affected Parties (help determine Sunrise/Sunset):
Affected OCI Artifact
Change Category (Guides Steering Review)
- Steering/Industry Review
- Steering/Industry Notification
Communication