Project

General

Profile

Actions

Task #1204

open

Redesign of signing process / Per-instance signing keys

Added by Alex Afanasyev about 10 years ago. Updated over 9 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Signing process should not directly use TPM-based signing in KeyChain to sign all Data and Interests. Instead, there should be an API to generate a key pair and a (properly signed) certificate for the running instance of the application.

This task also includes figuring out the way to store/exchange the per-instance certificate. For example, should it be published or be available only during application instance active time?

Actions #1

Updated by Junxiao Shi almost 10 years ago

  • Description updated (diff)

Certificates must be published. Otherwise, Data cannot be verified once the certificate is gone.

Publishing per-instance certificates is expensive, especially for short-lived producers.
If ndn-tlv-poke is called once per minutes, it's 1440 certificates per day.

Per-instance signing are suitable for a few apps that (1) are long-lived producers (2) Data are not useful beyond producer lifetime.
It should not be the default signing method in the library.

Actions #2

Updated by Alex Afanasyev almost 10 years ago

For applications such as ndn-tlv-ping (real-time-like apps when data is not longer useful after application stops), publishing can be accomplished with the result of task #1480

For other types of Data, I agree that we need to define a way (and where) to publish certificates.

Actions #3

Updated by Junxiao Shi over 9 years ago

  • Category set to Security
Actions #4

Updated by Junxiao Shi over 9 years ago

One solution to the certificate publishing problem is #1529.

However, as pointed out in note-1, this is unsuitable for short-lived producers.

Actions

Also available in: Atom PDF