[Ndn-interest] limit the scope of trust-anchor in trust schema

Lixia Zhang lixia at cs.ucla.edu
Mon Jan 15 13:07:44 PST 2024


> On Jan 14, 2024, at 11:25 PM, fotiou at aueb.gr wrote:
> 
> Hi Lixia, all
> 
>> yes all trust anchors have limited scope, and different trust domains have
>> different trust anchors.
> 
> My question is about limiting the scope of a trust anchor within a domain.
> E.g., in the NDN testbed, would it be possible to use different trust anchors for /ndn/edu/Arizona and for /ndn/edu/Memphis?

I could offer 2 explanations here:

1/ as illustrated in an old TR from 2018, 
"An Overview of Security Support in Named Data Networking"
https://named-data.net/wp-content/uploads/2018/07/ndn-0057-4-ndn-security.pdf
[Attached image: Screenshot 2024-01-15 at 1.00.50 PM.png, <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20240115/896bb430/attachment-0001.png>]

you could see that even under the same high level namespace (/ndnfit), /ndnfit/Alice has its own trust anchor (you could look up the TR for more details). This TR is from 6 years back. We are working on a revision now, one of the things is to add the trust domain concept to it.

2/ The testbed trust model: it was put together more than 10 years back. Over that time we gained much better understanding about security/trust models. There has been a plan to change it to a multicampus collaborative/peer model, i.e. each site sets up its own trust anchor (as your msg suggested).  As an example, see ACM ICN 2022 poster "Intertrust: establishing inter-zone trust relationships"
https://dl.acm.org/doi/abs/10.1145/3517212.3559489
(we replaced "trust zone" with "trust domain", to avoid potential confusion with tpm trustzone)
But we are yet to get some manpower to change the testbed to multiple trust domain models (we are looking for help!)

Lixia
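
An added illustration of the per-site trust anchor model discussed in this thread; it is not part of the original message and is not code from the NDN project. It is a name-only sketch with signature verification omitted, and the key names, the `SIGNED_BY` table and all function names are constructed assumptions.

```python
# Added illustration: name-only model of per-site trust anchors (no real crypto).
# Key names and the SIGNED_BY table are constructed sample data.

# Each trust domain (site prefix) pins its own trust anchor key name.
ANCHORS = {
    "/ndn/edu/Arizona": "/ndn/edu/Arizona/KEY/anchor",
    "/ndn/edu/Memphis": "/ndn/edu/Memphis/KEY/anchor",
}

# Constructed signing relationships: packet or key name -> name of the signing key.
SIGNED_BY = {
    "/ndn/edu/Arizona/alice/paper/v1": "/ndn/edu/Arizona/alice/KEY/1",
    "/ndn/edu/Arizona/alice/KEY/1": "/ndn/edu/Arizona/KEY/anchor",
    "/ndn/edu/Memphis/bob/notes/v1": "/ndn/edu/Memphis/bob/KEY/1",
    "/ndn/edu/Memphis/bob/KEY/1": "/ndn/edu/Memphis/KEY/anchor",
    # A Memphis-anchored key signing a name under the Arizona prefix.
    "/ndn/edu/Arizona/alice/forged/v1": "/ndn/edu/Memphis/bob/KEY/1",
}

def components(name):
    return [c for c in name.split("/") if c]

def is_prefix(prefix, name):
    # Compare whole name components, so /ndn/edu/Arizona does not cover /ndn/edu/Arizona-x.
    p, n = components(prefix), components(name)
    return n[:len(p)] == p

def domain_of(name):
    """Longest registered domain prefix covering the name, or None."""
    matches = [d for d in ANCHORS if is_prefix(d, name)]
    return max(matches, key=lambda d: len(components(d)), default=None)

def validate(data_name, max_depth=8):
    """Accept only if the chain stays inside the data's domain and ends at that domain's anchor."""
    domain = domain_of(data_name)
    if domain is None:
        return False  # no trust anchor is scoped to this name
    anchor = ANCHORS[domain]
    current = data_name
    for _ in range(max_depth):
        signer = SIGNED_BY.get(current)
        if signer is None or not is_prefix(domain, signer):
            return False  # unsigned, or signed by a key from another domain
        if signer == anchor:
            return True
        current = signer
    return False  # chain too long or looping
```
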


