Amer Kamal recently posted two articles regarding the security and maintenance of offline CAs based on frequently asked questions from customers. These articles posted as:
Security Best Practices for Offline CAs
Offline CA Maintenance Tasks
Since they are TechNet Wiki articles, you can not only review them, but also help to improve them.
I note in this article (technet.microsoft.com/.../cc782041(v=ws.10).aspx) there is a CRL Re-Sign mechanism for expired offline root CRL which is not available to be brought back online. Can you explain in more detail how to address expired offline crl publication without bringing the offline root CA back online?