documented the decided add-leaf endpoint proposal

Refer to doc/proposals/2022-01-add-leaf-endpoint for details.
author: Rasmus Dahlberg <rasmus@mullvad.net> 2022-01-31 17:22:45 +0100
committer: Rasmus Dahlberg <rasmus@mullvad.net> 2022-01-31 17:22:45 +0100
commit: 0d0edb3421232ac32f6f426089b46244cc838545 (patch)
tree: 1dcc66f102a264f006c091f91e5145fa62325695 /doc/api.md
parent: 9f49af2ad70764510bb34322157209f56095260f (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/api.md b/doc/api.md
index abe93b1..c28c254 100644
--- a/doc/api.md
+++ b/doc/api.md
@@ -334,10 +334,11 @@ Output on success:
 A submission will not be accepted if `signature` is invalid or if the retrieved
 key hash does not match the specified verification key.  A submission may also
 not be accepted if the second-level domain name exceeded its rate limit.
+A rate limit should only be charged for the specified domain hint on success.
 
-Public logging must not be assumed to have happened until an inclusion proof is
-available.  An inclusion proof should not be relied upon unless it leads up to a
-trustworthy tree head.  Witness cosigning makes a tree head trustworthy.
+HTTP status 200 OK must not be returned unless the log has sequenced its Merkle
+tree so that the next signed tree head merged the added leaf.  A submitter
+should (re)send their add-leaf request until observing HTTP status 200 OK.
 
 Example:
 ```
author	Rasmus Dahlberg <rasmus@mullvad.net>	2022-01-31 17:22:45 +0100
committer	Rasmus Dahlberg <rasmus@mullvad.net>	2022-01-31 17:22:45 +0100
commit	0d0edb3421232ac32f6f426089b46244cc838545 (patch)
tree	1dcc66f102a264f006c091f91e5145fa62325695 /doc/api.md
parent	9f49af2ad70764510bb34322157209f56095260f (diff)