[Nfd-dev] Try NDNCERT (based on Interest-Data exchange) and get an NDN certificate today

Tue Nov 12 10:34:21 PST 2019

Great, thanks for the update.

As you are updating documents, please use the term "JSON text" and cite RFC
8259.
The term "JSON file" means nothing in a network protocol.

Yours, Junxiao

On Tue, Nov 12, 2019 at 1:32 PM Zhiyi Zhang <zhiyi at cs.ucla.edu> wrote:

> Thank you for pointing this out. I will update the documentation.
> Now the config directly goes to the top level, because now each
> ndncert-ca-server only takes care of one CA instance, therefore there is no
> need to have a ca-config top-level attribute.
>
> Best,
> Zhiyi
>
> On Tue, Nov 12, 2019 at 10:01 AM Junxiao Shi <shijunxiao at email.arizona.edu>
> wrote:
>
>> Hi Zhiyi
>>
>> It seems that the deployed CA is not implementing /CA/_PROBE/INFO
>> protocol correctly.
>>
>> NDNCERT protocol 0.2
>> <https://github.com/named-data/ndncert/wiki/NDNCERT-Protocol-0.2/6a0aab2e7ffe8fd6f68f04dccd27e84ed65b3e32> section
>> 2.3.1 says:
>>
>> JSON format:
>>
>>
>>    - "name": assigned sub-namespace (appears when PROBE Interest carries
>>       Parameters).
>>       - "ca-config": ca configuration content (appears when PROBE
>>       Interest ends with CA/PROBE/INFO).
>>
>> and gives an example:
>>
>> Interest:
>> Name: /ndn/CA/_PROBE/INFO
>>
>> Data:
>> Name: /ndn/CA/_PROBE/INFO
>> Content:
>> {
>>   "ca-config": {
>>     "ca-prefix": "/zhiyi-home/controller"
>>     "probe": "email"
>>     "certificate": "Bv0CJAcsCANuZG4IBXNpd..."
>>   }
>> }
>> Signature
>>
>>
>>
>> According to the protocol, the /CA/_PROBE/INFO response should be a JSON
>> object that contains a key "ca-config".
>>
>> However, the packet retrieved from the deployed CA is missing the
>> "ca-config" key, but incorrectly placed the config object at top level:
>>
>> $ ndnpeek -p /ndn/edu/ucla/yufeng/CA/_PROBE/INFO
>> {
>>     "ca-prefix": "\/ndn\/edu\/ucla\/yufeng",
>>     "ca-info": "UCLA CA",
>>     "probe": "email",
>>     "certificate":
>> "Bv0DfQc2CANuZG4IA2VkdQgEdWNsYQgGeXVmZW5nCANLRVkICHelnivON8k8CAJO\nQQgJ\/QAAAWx3XLP1FAkYAQIZBAA27oAV\/QEmMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEApvMgYc\/PTZDcgKC3BAQ5zEs\/B09pJ8TpR41BjGJe1KIr0P0M\nGZlCW1ZKbsV8y+gZKUZefVwqwfHUJlto\/OpQgxm2oZED\/f\/m4F80KIRzpGi7sF0P\nvOiZErXEUAJzTrhb5SFzQo9P9n4Zi7uptltFPkpTdZrSKiKfW7ejn5woXoUgjC1E\nnMQAx+UFPjqbd3C1t5SlmfYtRFiaekF2LN+rkb1AnQ99lisSOwGdwbbyyxrcbclI\n5DxH9xrbAswHnn26grEGczAzM940Ksvsyd0tfc2EQirHc+IYWHoESMySzB6bJ0Q1\nGAG6INqklSAfOCz0upKzmyOcTE9yxYblsRmv9QIDAQABFv0BCBsBARwhBx8IA25k\nbggDZWR1CAR1Y2xhCANLRVkICNIoXYQ3ivN6\/QD9Jv0A\/g8yMDE5MDgwOFQxNzEw\nNTn9AP8PMjAyMDA4MDhUMTcxMDU5\/QECtP0CAA\/9AgEHYWR2aXNvcv0CAgD9AgAc\n\/QIBBWVtYWls\/QICD3l1ZmVuZ0B1Y2xhLmVkdf0CABz9AgEIZnVsbG5hbWX9AgIM\nWXVmZW5nIFpoYW5n\/QIADf0CAQVncm91cP0CAgD9AgAP\/QIBB2hvbWV1cmz9AgIA\n\/QIAOf0CAQxvcmdhbml6YXRpb279AgIlVW5pdmVyc2l0eSBvZiBDYWxpZm9ybmlh\nLCBMb3MgQW5nZWxlcxf9AQBdzD9rcuhnba7pHA\/TSptn+qhCq10Y5cPMDmk8fhUx\nWSJdJ\/BAml4gI539uIUIy6g+ZbpxPTBR4YwJSsP5FWFENIpGcB3spZrBnDCzGKY2\niNTODaVi4dHv8UAcVaN5cNUVbvr8KvZyzTHN4UYJTu1NAnw3J3SleOF+8Rfujv4r\nRyq+5ydqw36aZc5Dkp4oYOXhkMlvZijUy\/IIuetVvEJxvQsixw4p+ZrANCqow5gl\nHKI4B\/WbQJmjfyx+3TJ0QXnpV3sL9trNqEimTYY1P+VTl\/hOVsC4E7knNcF3zzGF\naBPyI2Q511N3nuHVtrDAnPjnEddNSoF4NRDILg6iCSrJ\n"
>> }
>>
>> Yours, Junxiao
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20191112/e3fb5320/attachment.html>