<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Hi Matteo, <br>
    </p>
    <p>thanks for your message. It's just a formatting problem. For some
      reason my mail client decide to replace tabs with "/" and "?".
      There are not present in the files though. <br>
    </p>
    <p>I've seen your tutorial before. Actually, it was the only
      complete solution it could find online, so I was basing heavily on
      it. Thank you. My setup seems only slightly different, but I still
      can't make it work. <br>
    </p>
    <p>Best,</p>
    <p>Michał<br>
    </p>
    <p><br>
    </p>
    <br>
    <blockquote type="cite"
      cite="mid:EAB20BA3-4E53-44A8-8CF9-5C1DF292037F@ucl.ac.uk">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <br class="">
      <div style=""><br class="">
        <blockquote type="cite" class="">
          <div class="">Begin forwarded message:</div>
          <br class="Apple-interchange-newline">
          <div style="margin-top: 0px; margin-right: 0px; margin-bottom:
            0px; margin-left: 0px;" class="">
            <span style="font-family: -webkit-system-font, Helvetica
              Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);"
              class=""><b class="">From:
              </b></span><span style="font-family: -webkit-system-font,
              Helvetica Neue, Helvetica, sans-serif;" class="">Matteo
              Bertolino <<a href="mailto:Matteo.Bertolino@eurecom.fr"
                class="" moz-do-not-send="true">Matteo.Bertolino@eurecom.fr</a>><br
                class="">
            </span></div>
          <div style="margin-top: 0px; margin-right: 0px; margin-bottom:
            0px; margin-left: 0px;" class="">
            <span style="font-family: -webkit-system-font, Helvetica
              Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);"
              class=""><b class="">Subject:
              </b></span><span style="font-family: -webkit-system-font,
              Helvetica Neue, Helvetica, sans-serif;" class=""><b
                class="">Re: [Ndn-interest] Complete trust management
                from scratch in ndn-cxx</b><br class="">
            </span></div>
          <div style="margin-top: 0px; margin-right: 0px; margin-bottom:
            0px; margin-left: 0px;" class="">
            <span style="font-family: -webkit-system-font, Helvetica
              Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);"
              class=""><b class="">Date:
              </b></span><span style="font-family: -webkit-system-font,
              Helvetica Neue, Helvetica, sans-serif;" class="">16
              October 2017 19:49:16 BST<br class="">
            </span></div>
          <div style="margin-top: 0px; margin-right: 0px; margin-bottom:
            0px; margin-left: 0px;" class="">
            <span style="font-family: -webkit-system-font, Helvetica
              Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);"
              class=""><b class="">To:
              </b></span><span style="font-family: -webkit-system-font,
              Helvetica Neue, Helvetica, sans-serif;" class=""><<a
                href="mailto:ndn-interest@lists.cs.ucla.edu" class=""
                moz-do-not-send="true">ndn-interest@lists.cs.ucla.edu</a>><br
                class="">
            </span></div>
          <br class="">
          <div class="">Hello,<br class="">
            why do you have the "//" in each line of the validator?<br
              class="">
            I am by phone so I cannot provide you easily a good answer,
            but you can find a completed and commented use case  here:
            <a
href="https://github.com/MatteoBertolino92/NDN-matteo/blob/master/ndncxx_miniNDN_someUseCases_nacks__certificates__interest_verification.pdf"
              class="" moz-do-not-send="true">
https://github.com/MatteoBertolino92/NDN-matteo/blob/master/ndncxx_miniNDN_someUseCases_nacks__certificates__interest_verification.pdf</a><br
              class="">
            <br class="">
            Section 3. Write me if u need some clarifications.<br
              class="">
            Matteo<br class="">
            <br class="">
            <br class="">
            Quoting Micha? Król <<a href="mailto:m.krol@ucl.ac.uk"
              class="" moz-do-not-send="true">m.krol@ucl.ac.uk</a>>:<br
              class="">
            <br class="">
            <blockquote type="cite" class="">Dear all,<br class="">
              <br class="">
              I'm struggling with setting up a simple trust/security
              system in NDN. I<br class="">
              find it difficult to find an updated set information that
              will work for<br class="">
              all system components. Please correct me if I
              misunderstood something.<br class="">
              <br class="">
              I have a very simple scenario: one producer and one
              consumer on one<br class="">
              machine. I want to have a central entity (root) and a
              publisher<br class="">
              (publisher) that will be allowed to publish trusted
              content.<br class="">
              <br class="">
              I first create the root certificate using ndnsec and
              selfsign it: /<br class="">
              /<br class="">
              <br class="">
              /    ndnsec-key-gen -n /root//<br class="">
              /<br class="">
              <br class="">
              /    ndnsec-sign-req /root > root.cert/<br class="">
              <br class="">
              Next I create a certificate for the publisher and sign it
              using the root<br class="">
              certificate:<br class="">
              <br class="">
              /   ndnsec-key-gen -n /root/publisher >
              unsigned_publisher.cert//<br class="">
              //   ndnsec-cert-gen -S 201510080000 -E 202010080000  -s
              /root -i<br class="">
              /root/publisher -r unsigned_publisher.cert  >
              publisher.cert/<br class="">
              <br class="">
              <br class="">
              I then used the publisher identity to sign the data:<br
                class="">
              <br class="">
              /    m_ident =
              m_keyChain.createIdentity(Name("/root/publisher"));//<br
                class="">
              //    m_info = ndn::security::SigningInfo(m_ident);/<br
                class="">
              <br class="">
              /    m_keyChain.sign(*data, m_info);/<br class="">
              <br class="">
              On the consumer side I use a validator to validate data:<br
                class="">
              <br class="">
              /    m_validator->load("sample.cfg");/<br class="">
              <br class="">
              /    m_validator->validate (data,//<br class="">
              //            ndn::bind(&Consumer::onValidated, this,
              _1),//<br class="">
              //            ndn::bind(&Consumer::onValidationFailed,
              this, _1, _2));/<br class="">
              <br class="">
              <br class="">
              I want to trust everything signed with the publishers key.
              The<br class="">
              sample.cfg is:<br class="">
              <br class="">
              /    rule//<br class="">
              //    {//<br class="">
              //      id "Sample Rule"//<br class="">
              //      for data//<br class="">
              //      filter//<br class="">
              //      {//<br class="">
              //        type name//<br class="">
              //        name /root/publisher//<br class="">
              //        relation is-prefix-of//<br class="">
              //      }//<br class="">
              //      checker//<br class="">
              //      {//<br class="">
              //        type hierarchical//<br class="">
              //        sig-type rsa-sha256//<br class="">
              //      }//<br class="">
              //    }//<br class="">
              //<br class="">
              //    trust-anchor//<br class="">
              //    {//<br class="">
              //      type file//<br class="">
              //      file-name "root.cert"//<br class="">
              //    }/<br class="">
              <br class="">
              <br class="">
              Now, when I launch the consumer, it issues an interest,
              gets the data,<br class="">
              issues another interest to get the key<br class="">
(/root/publisher/KEY/4%05i%7E%3C%F6%87%2F/%FD%00%00%01_%25%8Bz%80), but<br
                class="">
              ends up with an error:<br class="">
              <br class="">
              /    Malformed certificate (Name does not follow the
              naming convention<br class="">
              for certificate). /<br class="">
              <br class="">
              <br class="">
              My question is now, is it how I'm supposed to do this? If
              yes, what's<br class="">
              the problem here? If not, is there any example tutorial,
              walking through<br class="">
              the all steps of managing trust in NDN (ndnsec, app,
              validator)?<br class="">
              <br class="">
              Thanks in advance,<br class="">
              <br class="">
              Micha?<br class="">
              <br class="">
              <br class="">
            </blockquote>
            <br class="">
            <br class="">
            <br class="">
-------------------------------------------------------------------------------<br
              class="">
            This message was sent using EURECOM Webmail: <a
              href="http://webmail.eurecom.fr" class=""
              moz-do-not-send="true">
              http://webmail.eurecom.fr</a><br class="">
            <br class="">
            _______________________________________________<br class="">
            Ndn-interest mailing list<br class="">
            <a href="mailto:Ndn-interest@lists.cs.ucla.edu" class=""
              moz-do-not-send="true">Ndn-interest@lists.cs.ucla.edu</a><br
              class="">
            <a class="moz-txt-link-freetext" href="http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest">http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest</a><br
              class="">
          </div>
        </blockquote>
      </div>
      <br class="">
    </blockquote>
    <br>
  </body>
</html>