[Ndn-interest] NLSR security settings

Salvatore Signorello unict.signorello at gmail.com
Mon Aug 4 08:55:47 PDT 2014

Hi all,

I'm not able to figure out why they've provided a different sequence of
commands into the security settings tutorial
"$NLSR_HOME/docs/SECURITY.md" between point 1 and points 2,3,4 into the
section "##Example". That is, in point 1 they use two commands to
generate a signed-certificate of the key:

$ndnsec-key-gen -n /ndn
$ndnsec-sign-req /ndn > root.cert

even if the same result can be obtained just using the first command 

$ndnsec-key-gen -n /ndn > root.cert

as they do after for the other keys in points 2,3,4.
I understand that they wanted to outline that in the first case the key
has been self-signed, but I would have used just one command putting
some more info into the filename, e.g.,

$ndnsec-key-gen -n /ndn > self-signed_root.cert

imho what could be misleading going through the tutorial is the fact
that thereafter in points 2-3-4 they use filenames with the prefix
"unsigned-" to name keys that are indeed signed.

And what about the option of fetching a unsigned version of the key
using another ndnsec tool and passing that one to ndnsec-cert-gen, would
it feel better?

Please let me know if I've well understood or I've missed something

More information about the Ndn-interest mailing list