Task #2122
closedReplace DER encoded certificate using NDN's own TLV encoding
100%
Description
DER encoding which is used by X.509 certificate imposes dependency requirements on ndn-cxx because current NDN certificate format is heavily based on X.509 certificate.
Since DER is only a TLV encoding mechanism, and NDN's own TLV is another TLV encoding mechanism.
Encoding certificate using NDN's own TLV may remove the dependency on DER encoding/decoding library.
Moreover, since changing encoding/decoding mechanism would inevitably change the certificate content, it would be good to review the current certificate design and change it if necessary so that we do not have to change certificate spec twice.
Updated by Yingdi Yu about 10 years ago
- Blocks Bug #2104: ndncert subject name only allows printable_string added
Updated by Yingdi Yu about 10 years ago
- Blocked by Task #2123: Revisit NDN certificate design added
Updated by Tai-Lin Chu about 10 years ago
ecdsa signature uses asn1 encoding too.
crypto library already uses asn1 encoding, so this only solves part of dependency problem.
to truly get rid of der encoding, you will have to implement on how security saves private and public key too.
Updated by Yingdi Yu about 10 years ago
First, signature bits, as well as public key bits, should be opaque to NDN packets and certificates, so which encoding mechanism is used really does not matter.
Second, it is really unnecessary to require an NDN developer to understand both NDN-TLV and DER encoding at the same time.
Third, we do not want to completely get rid of der encoding, der encoding is still necessary for crypto operation, but certificate process per se is not crypto operation.
Updated by Junxiao Shi over 9 years ago
- Related to Task #2861: Write certificate format 2.0 doc added
Updated by Yingdi Yu over 9 years ago
- Related to Feature #2868: ValidityPeriod abstraction for SignatureInfo added
Updated by Junxiao Shi over 9 years ago
- Related to Feature #3058: AdditionalDescription in SignatureInfo added
Updated by Junxiao Shi over 9 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
Yingdi reveals at 20150727 conference call that this is completed with #2861.