[Ndn-lib] ndn-cxx: extract identity from signed Interest
shijunxiao at email.arizona.edu
Sat Feb 28 23:56:02 PST 2015
Is "KEY", "ksk-", "dsk-" in certificate Names part of protocol, or are they
specific to the hierarchical trust model?
Can one create a valid certificate without having "KEY" and ("ksk-" or
"dsk-") in the Name? How is a certificate distinguished from a regular Data
On Fri, Feb 27, 2015 at 7:17 PM, Alex Afanasyev <
alexander.afanasyev at ucla.edu> wrote:
> On Feb 27, 2015, at 5:22 PM, Junxiao Shi <shijunxiao at email.arizona.edu>
> Hi Alex
> Is ndn-cxx designed to support multiple trust models, or just the
> hierarchy trust model?
> ValidatorConf is designed to support multiple trust models.
> If it's meant to support multiple trust models, why does ndn-cxx has the
> concept of identity?
> My personal view is that it is defined to organize hierarchy of local
> certificates (group by key and identity). Just convenience, not a
> Yours, Junxiao
> On Feb 27, 2015 4:55 PM, "Alex Afanasyev" <alexander.afanasyev at ucla.edu>
> > Trust model should be defined. How it is a different question. In my
> opinion, the only way to define it is in terms of names (data names vs.
> certificate names). Other elements such as “identity” can be introduced,
> but it is specific to a particular trust model.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ndn-lib