[Nfd-dev] Who's serving application certificates?

Gusev, Peter peter at remap.ucla.edu
Mon Oct 10 12:57:33 PDT 2016


Hi architects,

I have an "NDN applications eco-system”-related question which came up recently while preparing the new release of ndncon.

Right now, according to previous discussions w/ Junxiao, Alex, I see the right way to manage application identity is the following:

- on the first launch, application is supplied with the signing identity by the user (i.e. /ndn/edu/ucla/remap/peter)
- application creates long-lived app identity and KSK certificate (i.e. …/peter/ndncon)
- application generates short-lived instance identity and DSK certificate (i.e. …/peter/ndncon/instance-id) and implements the certificate roll-over
- application publishes data under instance identity namespace
- application is responsible for serving instance certificate.

That said, the question is -- is it the application who’s responsible for serving app certificate as well? Or is some kind of local NDN-app infrastructure (think, NDN repo) will be responsible (in the future?) for serving all app certificates installed on the end host?
This seems to be related to the cases when several instances of the same app can be run simultaneously.

Thanks,

--
Peter Gusev

peter at remap.ucla.edu<mailto:peter at remap.ucla.edu>
+1 213 5872748
peetonn_ (skype)

Software Engineer/Programmer Analyst @ REMAP UCLA

Video streaming/ICN networks/Creative Development

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20161010/b901bfe5/attachment.html>


More information about the Nfd-dev mailing list