From e8ac3f488818976891e8bab6cf1f491e3bd8f5b4 Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano@smallstep.com>
Date: Mon, 14 Jan 2019 18:09:06 -0800
Subject: [PATCH] Add comment to differentiate GetRootCertificates and
 GetRoots.

---
 authority/root.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/authority/root.go b/authority/root.go
index 01b3508d..51ed6ac5 100644
--- a/authority/root.go
+++ b/authority/root.go
@@ -29,16 +29,24 @@ func (a *Authority) GetRootCertificate() *x509.Certificate {
 }
 
 // GetRootCertificates returns the server root certificates.
+//
+// In the Authority interface we also have a similar method, GetRoots, at the
+// moment the functionality of these two methods are almost identical, but this
+// method is intended to be used internally by CA HTTP server to load the roots
+// that will be set in the tls.Config while GetRoots will be used by the
+// Authority interface and might have extra checks in the future.
 func (a *Authority) GetRootCertificates() []*x509.Certificate {
 	return a.rootX509Certs
 }
 
 // GetRoots returns all the root certificates for this CA.
+// This method implements the Authority interface.
 func (a *Authority) GetRoots() ([]*x509.Certificate, error) {
 	return a.rootX509Certs, nil
 }
 
 // GetFederation returns all the root certificates in the federation.
+// This method implements the Authority interface.
 func (a *Authority) GetFederation() (federation []*x509.Certificate, err error) {
 	a.certificates.Range(func(k, v interface{}) bool {
 		crt, ok := v.(*x509.Certificate)