[Ndn-interest] Describe the HMAC algorithm in SignatureHmacWithSha256?
gts at ics.uci.EDU
Wed Jun 3 01:09:52 PDT 2015
yes, I don't see why not. I think KeyID can be viewed as a sort of a
On 6/2/15 6:03 PM, Thompson, Jeff wrote:
> Hi Gene,
> As Tai-Lin suggests, the Name in a KeyLocator does not need to be a
> globally fetchable name. Indeed it is part of the NDN design that names
> can be non-global, and this is used often in NFD (e.g. /localhost command
> So, could the Key ID be put in a (non-global) key Name in the KeyLocator?
> - Jeff T
> On 2015/6/1, 20:13, "GTS" <gts at ics.uci.EDU> wrote:
>> FWIW, I think Marc is quite right about this issue. What should be used
>> here is a Key ID, and not
>> anything derived (e.g., a hash) of the actual key. Indeed, a key digest
>> is only appropriate in
>> public key settings. In the symmetric case (such as HMAC), using a key
>> digest is not advisable.
>> Gene Tsudik
>> Chancellor's Professor of Computer Science
>> University of California, Irvine
>> On 6/1/15 4:24 PM, Marc.Mosko at parc.com wrote:
>>> For symmetric key systems, like HMAC, I think it is also acceptable to
>>> use an agreed upon integer identifier for the shared secret, as
>>> determined by a key exchange protocol (e.g. an ISAKMP SPI). I don¹t
>>> think that symmetric key KeyDigests need to be derived from the key.
>>> That¹s different than public key systems, where the the KeyDigest is
>>> used like the Subject Key Identifier (RFC 5280 22.214.171.124) and derived from
>>> the actual public key.
>> Ndn-interest mailing list
>> Ndn-interest at lists.cs.ucla.edu
More information about the Ndn-interest