[Nfd-dev] [EXT]Re: Update on NDNCERT protocol
Junxiao Shi
shijunxiao at email.arizona.edu
Mon Jun 15 12:04:14 PDT 2020
Hi Zhiyi
ICN submission is done. Can you update the challenge document now?
When it's finalized, I'll translate and submit for crypto analysis.
Yours, Junxiao
On Thu, Apr 30, 2020 at 1:20 PM Zhiyi Zhang <zhiyi at cs.ucla.edu> wrote:
> *External Email*
> I plan to finish the ICN paper (only two weeks before the deadline) first
> and then come back to work on the spec.
>
> Best,
> Zhiyi
>
> On Thu, Apr 30, 2020 at 4:14 AM Junxiao Shi <shijunxiao at email.arizona.edu>
> wrote:
>
>> Hi Zhiyi
>>
>> It's been 8 days. When do you expect to finish the challenges spec?
>>
>> Yours, Junxiao
>>
>> On Tue, Apr 21, 2020, 10:42 Junxiao Shi <shijunxiao at email.arizona.edu>
>> wrote:
>>
>>> Hi Zhiyi
>>>
>>> Main protocol revision 8921b91 has one typo: SignatureNounce.
>>> I don't see any other problems.
>>>
>>> I started to review the challenges spec.
>>>
>>> https://github.com/named-data/ndncert/wiki/NDNCERT-Protocol-0.3-Challenges
>>> For revision d9fc127, I found the following problems.
>>>
>>> *Notations*
>>> IN and DN would be easier to read if you write as I*n* and D*n*.
>>> Do not use fixed width font, because these are not strings or TLV-TYPE
>>> numbers.
>>> The letter *n* is italic showing that it is a variable. In later
>>> sections when it's replaced by a number, use regular font.
>>>
>>> CSPRG should be written as CSPRG.
>>> Do not use fixed width font, because this is not string or TLV-TYPE
>>> number.
>>>
>>> *All challenges*
>>> The main protocol specifies: the CA will keep the state for the time as
>>> defined in remaining-time field defined by the challenge selected.
>>> Thus, each challenge needs to define its time limit.
>>>
>>> The main protocol specifies that selected-challenge element is required
>>> in all CHALLENGE Interests.
>>> Thus, every I2 should contain the selected-challenge element.
>>>
>>> What happens if the first CHALLENGE Interest selects one challenge, and
>>> the second CHALLENGE Interest selects a different challenge?
>>> Which error code?
>>>
>>> *Email Challenge*
>>> Typo in D1: applicatoin.
>>>
>>> It's necessary to specify what elements should appear in the email. I
>>> think you'll need at least: ca-prefix, request-id, and S.
>>> Without ca-prefix, one CA could cause the requester to reveal S
>>> generated by another CA.
>>> Without request-id, malicious requesters could send the CA other
>>> requests that deliver similar emails to the legitimate requester, and the
>>> legitimate requester would have trouble identifying which S corresponds to
>>> the current request.
>>>
>>> *Proof of Credential Challenge*
>>> In the section title, "of" should not be capitalized. See
>>> https://www.bkacontent.com/how-to-correctly-use-apa-style-title-case/
>>>
>>> Is the ordering between the two key-value pairs significant?
>>> If reordering is an error, which error code?
>>>
>>> Why does this challenge permit multiple tries? For PIN and email
>>> challenges, there's possibility of user typing error, so that permitting
>>> multiple tries makes sense. It doesn't make sense here.
>>>
>>> * Proof of Private Key Challenge *
>>> In the section title, "of" should not be capitalized. See
>>> https://www.bkacontent.com/how-to-correctly-use-apa-style-title-case/
>>>
>>> Why does this challenge permit multiple tries? For PIN and email
>>> challenges, there's possibility of user typing error, so that permitting
>>> multiple tries makes sense. It doesn't make sense here.
>>>
>>>
>>> Yours, Junxiao
>>>
>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20200615/4babb805/attachment.html>
More information about the Nfd-dev
mailing list