Project

General

Profile

Task #1204

Redesign of signing process / Per-instance signing keys

Added by Alex Afanasyev over 6 years ago. Updated almost 6 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Signing process should not directly use TPM-based signing in KeyChain to sign all Data and Interests. Instead, there should be an API to generate a key pair and a (properly signed) certificate for the running instance of the application.

This task also includes figuring out the way to store/exchange the per-instance certificate. For example, should it be published or be available only during application instance active time?

Also available in: Atom PDF