[Nfd-dev] Try NDNCERT (based on Interest-Data exchange) and get an NDN certificate today

Tue Nov 5 14:01:49 PST 2019

Hi Junxiao and Davide,

Sorry. but to be honest, I don't know why the client will have invalid last
component. (my clinet code simply runs setApplicationParameter(), no more
function calls).
Regarding the CA does not reply, I guess it may be the JSON format problem
(if you generate the JSON on your own)?  I recalled in last hackathon, Alex
met the similar issue. They said some weird newlines are added to the JSON
file generated by the BOOST library.

Best,
Zhiyi

On Tue, Nov 5, 2019 at 11:20 AM Davide Pesavento <davidepesa at gmail.com>
wrote:

> Yes, I was talking about ndncert and the current test deployment that is
> using ndn-cxx v0.6.6.
>
> Davide
>
> On Tue, Nov 5, 2019, 2:17 PM Junxiao Shi <shijunxiao at email.arizona.edu>
> wrote:
>
>> Hi Davide
>>
>> Frame 6 was generated by a different program that does not rely on
>> ndn-cxx-0.6.6.
>> I just confirmed that the packet has the correct
>> ParametersSha256DigestComponent, with the following snippet:
>>
>> // g++ -std=c++14 -o x x.cpp $(pkg-config --cflags --libs libndn-cxx)
>>
>> #include <ndn-cxx/interest.hpp>
>> #include <ndn-cxx/encoding/block.hpp>
>> #include <ndn-cxx/util/string-helper.hpp>
>>
>> #include <iostream>
>> #include <string>
>>
>> std::string pkt =
>> "0571074208036e646e0803656475080475636c610806797566656e6708065f50524f42450220649503f51f30e5f9a3a76d6f1847bcce7208b64367a2459ac848ebfc91f47ed812000a046d1ddfd80c020f97241f7b22656d61696c223a22537573656e746572406461797265702e636f6d227d"
>> ;
>>
>> int main() {
>>   ndn::Block block(ndn::fromHex(pkt));
>>   ndn::Interest interest(block);
>>   bool ok = interest.isParametersDigestValid();
>>   std::cout << static_cast<int>(ok) << std::endl;
>> }
>>
>>
>> 'pkt' was copied from Wireshark using "hex stream" mode. This snippet
>> prints "1", indicating the digest is valid.
>> Thus, I believe this is a problem in NDNCERT-CA deployment.
>>
>> Yours, Junxiao
>>
>> On Tue, Nov 5, 2019 at 12:50 AM Davide Pesavento <davidepesa at gmail.com>
>> wrote:
>>
>>> Using ParametersSha256DigestComponent (and, by extension,
>>> ApplicationParameters) with ndn-cxx-0.6.6 or any earlier versions is a
>>> bad idea. You'd have to take care of the parameters digest manually,
>>> which I doubt ndncert is doing.
>>>
>>> Davide
>>>
>>> On Tue, Nov 5, 2019 at 12:32 AM Junxiao Shi
>>> <shijunxiao at email.arizona.edu> wrote:
>>> >
>>> > Hi Zhiyi
>>> >
>>> > It seems that the current deployment is not handling
>>> ParametersSha256DigestComponent correctly.
>>> >
>>> > In the attached packet sample, frame 1 is a PROBE Interest generated
>>> by ndncert-client from
>>> https://github.com/Zhiyi-Zhang/ndncert/tree/3b9a2501d60e90ec33845e021a500a9820bf9050
>>> .
>>> > The Interest is invalid under Packet Format 0.3, as it contains
>>> ApplicationParameters element but lacks ParametersSha256DigestComponent in
>>> the name.
>>> > Nevertheless, the CA responded to this Interest in frame 2.
>>> >
>>> > Frame 6 was generated by a different program. It carries the same JSON
>>> object, and have a ParametersSha256DigestComponent appended to the name.
>>> However, the CA is not responding to it.
>>> > Did I generate the packet wrong, or is it a problem with the
>>> deployment?
>>> >
>>> > Yours, Junxiao
>>>
>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20191105/aa41ab49/attachment.html>