[Ndn-interest] Describe the HMAC algorithm in SignatureHmacWithSha256?

GTS gts at ics.uci.EDU
Wed Jun 3 01:09:52 PDT 2015


Jeff,

yes, I don't see why not. I think KeyID can be viewed as a sort of a 
locator.
Cheers,
Gene


On 6/2/15 6:03 PM, Thompson, Jeff wrote:
> Hi Gene,
>
> As Tai-Lin suggests, the Name in a KeyLocator does not need to be a
> globally fetchable name. Indeed it is part of the NDN design that names
> can be non-global, and this is used often in NFD (e.g. /localhost command
> interests).
>
> So, could the Key ID be put in a (non-global) key Name in the KeyLocator?
>
> - Jeff T
>
> On 2015/6/1, 20:13, "GTS" <gts at ics.uci.EDU> wrote:
>
>> FWIW, I think Marc is quite right about this issue. What should be used
>> here is a Key ID, and not
>> anything derived (e.g., a hash) of the actual key. Indeed, a key digest
>> is only appropriate in
>> public key settings. In the symmetric case (such as HMAC), using a key
>> digest is not advisable.
>> Cheers,
>> Gene
>>
>>   ======================
>>   Gene Tsudik
>>   Chancellor's Professor of Computer Science
>>   University of California, Irvine
>>
>>
>>
>>
>> On 6/1/15 4:24 PM, Marc.Mosko at parc.com wrote:
>>> ...
>>>
>>> For symmetric key systems, like HMAC, I think it is also acceptable to
>>> use an agreed upon integer identifier for the shared secret, as
>>> determined by a key exchange protocol (e.g. an ISAKMP SPI).  I don¹t
>>> think that symmetric key KeyDigests need to be derived from the key.
>>> That¹s different than public key systems, where the the KeyDigest is
>>> used like the Subject Key Identifier (RFC 5280 4.2.1.2) and derived from
>>> the actual public key.
>>>
>>> Marc
>>>
>>>
>> _______________________________________________
>> Ndn-interest mailing list
>> Ndn-interest at lists.cs.ucla.edu
>> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
> .
>




More information about the Ndn-interest mailing list