Project

General

Profile

Feature #1529

PIB service

Added by Yingdi Yu over 6 years ago. Updated about 5 years ago.

Status:
Abandoned
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:

Description

SecPublicInfo is a database containing public information of keys (such as identity, public key, and certificates).
When an application needs to sign a data (or interest), SecPublicInfo provides the information that can help the application to select the appropriate signing key and the corresponding certificate of the signing key.

For now, SecPublicInfo is implemented as a file-based database with sqlite3 interfaces.
Such an implementation may have following issues:

  • Language Dependency: the public information should be platform-independent, i.e., applications and libraries developed in different languages should be able to get the public information.
  • Flexibility: If people want to develop a new library that will use the public information, they should follow a standard protocol or interface, instead of a detailed implementation.
  • Access Control: all the public information is stored in a file. Anyone who has the access to the file can change the public information, so that application may sign data based on wrong information.
  • Multi-User Support: The file containing the database is a file under a user's home directory, so that each user has its own public information database which is not shared with other users. However, for system-level applications (such as nrd and nfd), they may need users' public information. For users, public information of system level application would also be useful.

Therefore, it would be better to make SecPublicInfo as a service which provides an lookup interface and also serves as a guard of the public information.
Here is a rough idea about this service (detailed protocol design will be posted on wiki page):

  • The service is still implemented as an NDN application and runs as a daemon.
  • Read operations (lookups) will be implemented as normal interests.
  • Write operation (adding/deleting/modifying) will be implemented as command interests (to enable access control)
  • The service will also publish certificates in the database.

Design doc is available at http://redmine.named-data.net/projects/ndn-cxx/wiki/PublicKey_Info_Base


Related issues

Related to ndn-tools - Feature #3018: PIB serviceClosedYingdi Yu

Actions
Blocks NFD - Feature #2181: Disallow unsolicited Data from local appsClosedJunxiao Shi

Actions
Blocked by ndn-cxx - Feature #2279: Signal: allow only owner to emit eventsClosedJunxiao Shi

Actions
Blocks ndn-cxx - Feature #1794: Make KeyChain use PIB ServiceRejected

Actions
#1

Updated by Alex Afanasyev over 6 years ago

  • Category set to Security
  • Target version set to v0.2
#2

Updated by Yingdi Yu over 6 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 20
#3

Updated by Junxiao Shi over 6 years ago

  • Target version changed from v0.2 to v0.3

20140612 conference call approves to defer this to 0.3.

#4

Updated by Yingdi Yu about 6 years ago

  • Description updated (diff)
  • % Done changed from 20 to 30
#5

Updated by Yingdi Yu about 6 years ago

  • Status changed from In Progress to Code review
  • % Done changed from 30 to 100
#6

Updated by Junxiao Shi over 5 years ago

  • Blocks Feature #2181: Disallow unsolicited Data from local apps added
#7

Updated by Junxiao Shi over 5 years ago

  • Blocked by Feature #2279: Signal: allow only owner to emit events added
#8

Updated by Junxiao Shi over 5 years ago

  • Status changed from Code review to In Progress

Yingdi reveals at 20150218 conference call that further progress of PIB service is blocked by "the new EventEmitter" aka Signal, which is in fact completed two months ago.

Yingdi agrees to resume working on PIB service.

Since additional work is needed in this issue, Status is reverted to 'In Progress'.

#9

Updated by Junxiao Shi about 5 years ago

  • Tracker changed from Task to Feature
  • Subject changed from Make SecPublicInfo as a service to PIB service
  • Target version changed from v0.3 to v0.4
  • Start date deleted (04/23/2014)
#10

Updated by Junxiao Shi about 5 years ago

#11

Updated by Junxiao Shi about 5 years ago

#12

Updated by Junxiao Shi about 5 years ago

  • Status changed from In Progress to Abandoned

As decided in 20150720 conference call, PIB service is placed into ndn-tools repository (#3018). ndn-cxx feature-pib branch will be pruned.

Also available in: Atom PDF