[Nfd-dev] [EXT]Re: Update on NDNCERT protocol
Davide Pesavento
davidepesa at gmail.com
Mon Apr 13 22:18:18 PDT 2020
On Tue, Apr 14, 2020 at 12:20 AM Zhiyi Zhang <zhiyi at cs.ucla.edu> wrote:
>
> Hi Davide and Junxiao,
>
> Thank you for your comments. I just pushed updates.
>
> * All strings are specified as UTF 8 encoded
> * I made a separate section 2.3.3 to clarify the use of HKDF in NDNCERT
>
>
> On Mon, Apr 13, 2020 at 12:28 PM Davide Pesavento <davidepesa at gmail.com> wrote:
>>
>> On Mon, Apr 13, 2020 at 8:18 AM Junxiao Shi via Nfd-dev
>> <nfd-dev at lists.cs.ucla.edu> wrote:
>> >
>> > Hi Zhiyi
>> >
>> > I'm trying to implement the protocol in NDNts. I've pasted my implementation of the crypto operations at the end of this message.
>> > I have unit-tested these operations and they seem to be working. Since Node.js implements crypto via OpenSSL, this implies OpenSSL has sufficient primitives for crypto needed by NDNCERT.
>> >
>> > I noticed some more issues in the protocol.
>> >
>> >
>> > Several steps specify the use of signed Interest.
>> > They should also specify which uniqueness assurance fields are required in the SignatureInfo: SignatureNonce, SignatureTime, SignatureSeqNum.
>
>
> Addressed.
>
>>
>> >
>> >
>> > Several steps specify MustBeFresh in Interest, but lacks FreshnessPeriod in Data. A Data without FreshnessPeriod cannot satisfy an Interest with MustBeFresh.
>
>
> Addressed.
>
>>
>> > Given signed Interests are unique, it's unnecessary to include MustBeFresh.
>
>
> Let's still keep it.
Why?
More information about the Nfd-dev
mailing list