Feature #2376
closed
Added by Yingdi Yu over 9 years ago.
Updated over 7 years ago.
Description
Command interest validation requires both signature verification and timestamp checking.
There are several potential ways to handle signature verification (e.g., ValidatorRegex and ValidatorConfig), while there are also several potential ways to handle timestamp checking (e.g., send-and-stop, session-based control). A desired abstraction would be to separate the two functionalities apart.
This feature implements a validator that checks the timestamp of a stop-and-wait CommandInterest, while delegating signature verification to another inner validator.
- Related to Feature #2065: ValidatorRegex: verify signed Interest added
- Subject changed from Make signed interest validation a common procedure of all Validator implementations to Separate timestamp checking from Validator
- Description updated (diff)
- Assignee set to Michael Sweatt
There is no command Interest concept. The protocol is called SignedInterest, unless you revise it.
From Yingdi:
I think we have resolved this name issue long time ago. The conclusion is that signed interest only contains signatureInfo and signatureType, command interest is a signed interest, but with two more components: timestamp and nonce.
Update protocol spec to reflect this change.
- Status changed from New to Code review
- % Done changed from 0 to 90
commit:9daa09792ce702fe3d6e4b8b90a768297f87e228 weakens the security guarantees provided by ValidatorConfig::checkPolicy without changing the API.
This change doesn't break compilation of dependent projects, and can cause a false illusion of security.
My suggestion is to move this change to a feature branch, along with at least one other change that will break validator API such as #1872.
When the feature branch is merged back to master, the breaking API change would be sufficient to warn developers about the weakened security guarantees and prompt them to use CommandInterestValidator.
At 20150610 conference call Alex agrees that either a feature branch should be utilized, or it should be ensured that this Change is merged together with at least one other Change that breaks API.
- Blocks Bug #2063: CommandValidator uses deprecated CommandInterestValidator added
- Status changed from Code review to Feedback
- Start date deleted (
01/13/2015)
This shouldn't be in CodeReview until note-8 is fulfilled.
- Tracker changed from Task to Feature
- Subject changed from Separate timestamp checking from Validator to CommandInterestValidator
- Description updated (diff)
- Status changed from Feedback to In Progress
- Assignee changed from Michael Sweatt to Junxiao Shi
- Target version set to v0.5
- % Done changed from 90 to 40
- Estimated time set to 6.00 h
- % Done changed from 40 to 70
https://gerrit.named-data.net/2962 patchset2 has the test cases for accepting condition and all rejecting conditions.
I still need to implement capacity limits and the corresponding test cases.
I also notice that makeInterest and similar functions are in ndn::util namespace.
https://gerrit.named-data.net/3002 moves them to ndn::tests namespace.
- Status changed from In Progress to Code review
- % Done changed from 70 to 100
- Status changed from Code review to Closed
- Related to Bug #3698: Compilation error on Ubuntu 14.04 with clang compiler added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by