[Nfd-dev] Try NDNCERT (based on Interest-Data exchange) and get an NDN certificate today
Junxiao Shi
shijunxiao at email.arizona.edu
Tue Nov 12 10:01:34 PST 2019
Hi Zhiyi
It seems that the deployed CA is not implementing /CA/_PROBE/INFO protocol
correctly.
NDNCERT protocol 0.2
<https://github.com/named-data/ndncert/wiki/NDNCERT-Protocol-0.2/6a0aab2e7ffe8fd6f68f04dccd27e84ed65b3e32>
section
2.3.1 says:
JSON format:
- "name": assigned sub-namespace (appears when PROBE Interest carries
Parameters).
- "ca-config": ca configuration content (appears when PROBE Interest
ends with CA/PROBE/INFO).
and gives an example:
Interest:
Name: /ndn/CA/_PROBE/INFO
Data:
Name: /ndn/CA/_PROBE/INFO
Content:
{
"ca-config": {
"ca-prefix": "/zhiyi-home/controller"
"probe": "email"
"certificate": "Bv0CJAcsCANuZG4IBXNpd..."
}
}
Signature
According to the protocol, the /CA/_PROBE/INFO response should be a JSON
object that contains a key "ca-config".
However, the packet retrieved from the deployed CA is missing the
"ca-config" key, but incorrectly placed the config object at top level:
$ ndnpeek -p /ndn/edu/ucla/yufeng/CA/_PROBE/INFO
{
"ca-prefix": "\/ndn\/edu\/ucla\/yufeng",
"ca-info": "UCLA CA",
"probe": "email",
"certificate":
"Bv0DfQc2CANuZG4IA2VkdQgEdWNsYQgGeXVmZW5nCANLRVkICHelnivON8k8CAJO\nQQgJ\/QAAAWx3XLP1FAkYAQIZBAA27oAV\/QEmMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEApvMgYc\/PTZDcgKC3BAQ5zEs\/B09pJ8TpR41BjGJe1KIr0P0M\nGZlCW1ZKbsV8y+gZKUZefVwqwfHUJlto\/OpQgxm2oZED\/f\/m4F80KIRzpGi7sF0P\nvOiZErXEUAJzTrhb5SFzQo9P9n4Zi7uptltFPkpTdZrSKiKfW7ejn5woXoUgjC1E\nnMQAx+UFPjqbd3C1t5SlmfYtRFiaekF2LN+rkb1AnQ99lisSOwGdwbbyyxrcbclI\n5DxH9xrbAswHnn26grEGczAzM940Ksvsyd0tfc2EQirHc+IYWHoESMySzB6bJ0Q1\nGAG6INqklSAfOCz0upKzmyOcTE9yxYblsRmv9QIDAQABFv0BCBsBARwhBx8IA25k\nbggDZWR1CAR1Y2xhCANLRVkICNIoXYQ3ivN6\/QD9Jv0A\/g8yMDE5MDgwOFQxNzEw\nNTn9AP8PMjAyMDA4MDhUMTcxMDU5\/QECtP0CAA\/9AgEHYWR2aXNvcv0CAgD9AgAc\n\/QIBBWVtYWls\/QICD3l1ZmVuZ0B1Y2xhLmVkdf0CABz9AgEIZnVsbG5hbWX9AgIM\nWXVmZW5nIFpoYW5n\/QIADf0CAQVncm91cP0CAgD9AgAP\/QIBB2hvbWV1cmz9AgIA\n\/QIAOf0CAQxvcmdhbml6YXRpb279AgIlVW5pdmVyc2l0eSBvZiBDYWxpZm9ybmlh\nLCBMb3MgQW5nZWxlcxf9AQBdzD9rcuhnba7pHA\/TSptn+qhCq10Y5cPMDmk8fhUx\nWSJdJ\/BAml4gI539uIUIy6g+ZbpxPTBR4YwJSsP5FWFENIpGcB3spZrBnDCzGKY2\niNTODaVi4dHv8UAcVaN5cNUVbvr8KvZyzTHN4UYJTu1NAnw3J3SleOF+8Rfujv4r\nRyq+5ydqw36aZc5Dkp4oYOXhkMlvZijUy\/IIuetVvEJxvQsixw4p+ZrANCqow5gl\nHKI4B\/WbQJmjfyx+3TJ0QXnpV3sL9trNqEimTYY1P+VTl\/hOVsC4E7knNcF3zzGF\naBPyI2Q511N3nuHVtrDAnPjnEddNSoF4NRDILg6iCSrJ\n"
}
Yours, Junxiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20191112/c2fe8e2a/attachment.html>
More information about the Nfd-dev
mailing list