[Nfd-dev] [EXT]Re: Try NDNCERT (based on Interest-Data exchange) and get an NDN certificate today
Junxiao Shi
shijunxiao at email.arizona.edu
Sun Jan 10 12:53:58 PST 2021
Hi Davide
>
> > FinalBlockId field missing in CA profile
> > The protocol requires that the CA profile is versioned and segmented,
> and must be compatible with RDR protocol.
> > This requirement implies that the last segment of the CA profile must
> carry a FinalBlockId field that contains a value equaling the last
> component.
> > However, the CA profile packet does not have this field.
>
> While I agree that including FinalBlockId would be preferable, I don't
> remember this being a hard requirement. Where does the spec say that
> FinalBlockId is mandatory?
>
The requirement on having FinalBlockId in CA profile packet is not directly
specified in NDNCERT 0.3 protocol, but inherited from naming convention and
RDR specs. CA profile is a segmented object, and the NDNCERT 0.3 protocol
says it must be retrievable using RDR protocol. To order to be retrievable
with an RDR-compliant fetcher (e.g. ndncatchunks), the last segment needs
to have FinalBlockId.
> I guess a related question is whether "CA" is considered a well-known
> name component used by the NDNCERT protocol and therefore used by all
> instances (and if so, why not "ndncert" instead of "CA"?), or if it's
> just a deployment/configuration decision that could differ per site.
>
>
I'd consider "8=CA" to be a well-known keyword.
Yours, Junxiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20210110/bbf831cc/attachment.html>
More information about the Nfd-dev
mailing list