[Ndn-interest] Trust hierarchy

Junxiao Shi shijunxiao at email.arizona.edu
Mon Dec 4 06:24:26 PST 2017


Hi Michal

I'm wondering how can I express a trust hierarchy other than a chain using
> key locators.
>
> Let us consider that I have 3 keys: A, B and C.
>
> A is signed by both B and C.
>
Until #3283 <https://redmine.named-data.net/issues/3283>, this implies key
A will have two certificates in two Data packets.

Now, I use A to sign my data packet, so its key locator will point to A.
>
The KeyLocator will point to one of the two certificates.

However, when I download A's certificate, will it include key locators to
> both B and C?
>
No.


> If yes, are there any mechanisms to make it scale, or I have to download
> all upstream keys?
>
> If no, what should I do if the consumer trusts only B, but not C?
>
You may work on https://redmine.named-data.net/issues/3283 , or use "Watch"
button to get progress updates.

Yours, Junxiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20171204/33501103/attachment-0001.html>


More information about the Ndn-interest mailing list