Task #1204
open
Redesign of signing process / Per-instance signing keys
0%
Description
Signing process should not directly use TPM-based signing in KeyChain to sign all Data and Interests. Instead, there should be an API to generate a key pair and a (properly signed) certificate for the running instance of the application.
This task also includes figuring out the way to store/exchange the per-instance certificate. For example, should it be published or be available only during application instance active time?
Updated by Junxiao Shi over 10 years ago
- Description updated (diff)
Certificates must be published. Otherwise, Data cannot be verified once the certificate is gone.
Publishing per-instance certificates is expensive, especially for short-lived producers.
If ndn-tlv-poke is called once per minutes, it's 1440 certificates per day.
Per-instance signing are suitable for a few apps that (1) are long-lived producers (2) Data are not useful beyond producer lifetime.
It should not be the default signing method in the library.
Updated by Alex Afanasyev over 10 years ago
For applications such as ndn-tlv-ping (real-time-like apps when data is not longer useful after application stops), publishing can be accomplished with the result of task #1480
For other types of Data, I agree that we need to define a way (and where) to publish certificates.
Updated by Junxiao Shi about 10 years ago
One solution to the certificate publishing problem is #1529.
However, as pointed out in note-1, this is unsuitable for short-lived producers.