[Nfd-dev] [EXT]Re: Update on NDNCERT protocol

Mon Jun 15 12:38:29 PDT 2020

I am starting my internship today.
I may not be able to work on this until this fall quarter.

Best,
Zhiyi

On Mon, Jun 15, 2020 at 12:04 PM Junxiao Shi <shijunxiao at email.arizona.edu>
wrote:

> Hi Zhiyi
>
> ICN submission is done. Can you update the challenge document now?
> When it's finalized, I'll translate and submit for crypto analysis.
>
> Yours, Junxiao
>
> On Thu, Apr 30, 2020 at 1:20 PM Zhiyi Zhang <zhiyi at cs.ucla.edu> wrote:
>
>> *External Email*
>> I plan to finish the ICN paper (only two weeks before the deadline) first
>> and then come back to work on the spec.
>>
>> Best,
>> Zhiyi
>>
>> On Thu, Apr 30, 2020 at 4:14 AM Junxiao Shi <shijunxiao at email.arizona.edu>
>> wrote:
>>
>>> Hi Zhiyi
>>>
>>> It's been 8 days. When do you expect to finish the challenges spec?
>>>
>>> Yours, Junxiao
>>>
>>> On Tue, Apr 21, 2020, 10:42 Junxiao Shi <shijunxiao at email.arizona.edu>
>>> wrote:
>>>
>>>> Hi Zhiyi
>>>>
>>>> Main protocol revision 8921b91 has one typo: SignatureNounce.
>>>> I don't see any other problems.
>>>>
>>>> I started to review the challenges spec.
>>>>
>>>> https://github.com/named-data/ndncert/wiki/NDNCERT-Protocol-0.3-Challenges
>>>> For revision d9fc127, I found the following problems.
>>>>
>>>> *Notations*
>>>> IN and DN would be easier to read if you write as I*n* and D*n*.
>>>> Do not use fixed width font, because these are not strings or TLV-TYPE
>>>> numbers.
>>>> The letter *n* is italic showing that it is a variable. In later
>>>> sections when it's replaced by a number, use regular font.
>>>>
>>>> CSPRG should be written as CSPRG.
>>>> Do not use fixed width font, because this is not string or TLV-TYPE
>>>> number.
>>>>
>>>> *All challenges*
>>>> The main protocol specifies: the CA will keep the state for the time as
>>>> defined in remaining-time field defined by the challenge selected.
>>>> Thus, each challenge needs to define its time limit.
>>>>
>>>> The main protocol specifies that selected-challenge element is required
>>>> in all CHALLENGE Interests.
>>>> Thus, every I2 should contain the selected-challenge element.
>>>>
>>>> What happens if the first CHALLENGE Interest selects one challenge, and
>>>> the second CHALLENGE Interest selects a different challenge?
>>>> Which error code?
>>>>
>>>> *Email Challenge*
>>>> Typo in D1: applicatoin.
>>>>
>>>> It's necessary to specify what elements should appear in the email. I
>>>> think you'll need at least: ca-prefix, request-id, and S.
>>>> Without ca-prefix, one CA could cause the requester to reveal S
>>>> generated by another CA.
>>>> Without request-id, malicious requesters could send the CA other
>>>> requests that deliver similar emails to the legitimate requester, and the
>>>> legitimate requester would have trouble identifying which S corresponds to
>>>> the current request.
>>>>
>>>> *Proof of Credential Challenge*
>>>> In the section title, "of" should not be capitalized. See
>>>> https://www.bkacontent.com/how-to-correctly-use-apa-style-title-case/
>>>>
>>>> Is the ordering between the two key-value pairs significant?
>>>> If reordering is an error, which error code?
>>>>
>>>> Why does this challenge permit multiple tries? For PIN and email
>>>> challenges, there's possibility of user typing error, so that permitting
>>>> multiple tries makes sense. It doesn't make sense here.
>>>>
>>>> * Proof of Private Key Challenge *
>>>> In the section title, "of" should not be capitalized. See
>>>> https://www.bkacontent.com/how-to-correctly-use-apa-style-title-case/
>>>>
>>>> Why does this challenge permit multiple tries? For PIN and email
>>>> challenges, there's possibility of user typing error, so that permitting
>>>> multiple tries makes sense. It doesn't make sense here.
>>>>
>>>>
>>>> Yours, Junxiao
>>>>
>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20200615/b7f8ce52/attachment.html>