Redesign of signing process / Per-instance signing keys
Signing process should not directly use TPM-based signing in KeyChain to sign all Data and Interests. Instead, there should be an API to generate a key pair and a (properly signed) certificate for the running instance of the application.
This task also includes figuring out the way to store/exchange the per-instance certificate. For example, should it be published or be available only during application instance active time?
Updated by Junxiao Shi over 6 years ago
- Description updated (diff)
Certificates must be published. Otherwise, Data cannot be verified once the certificate is gone.
Publishing per-instance certificates is expensive, especially for short-lived producers.
ndn-tlv-poke is called once per minutes, it's 1440 certificates per day.
Per-instance signing are suitable for a few apps that (1) are long-lived producers (2) Data are not useful beyond producer lifetime.
It should not be the default signing method in the library.
Updated by Alex Afanasyev about 6 years ago
For applications such as ndn-tlv-ping (real-time-like apps when data is not longer useful after application stops), publishing can be accomplished with the result of task #1480
For other types of Data, I agree that we need to define a way (and where) to publish certificates.