https://redmine.named-data.net/https://redmine.named-data.net/favicon.ico?14759811232015-03-13T14:53:27ZNDN project issue tracking systemndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=90952015-03-13T14:53:27ZJunxiao Shi
<ul><li><strong>Tracker</strong> changed from <i>Task</i> to <i>Feature</i></li><li><strong>Subject</strong> changed from <i>KeyChain to sign packet with SHA256 with custom KeyLocator</i> to <i>KeyChain: SHA256-signing with custom KeyLocator</i></li></ul><p>I disagree with this feature because it violates NDN-TLV:</p>
<blockquote>
<p>If KeyLocator is present in SignatureInfo, it MUST be ignored.</p>
</blockquote>
<p>If manifest embedded needs a KeyLocator, please define the format and semantics of this KeyLocator, and propose a change to NDN-TLV.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=90962015-03-13T14:55:31ZIlya Moiseenkoiliamo@ucla.edu
<ul></ul><p>I talked to Yingdi about this some time ago and he agreed with me.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=90972015-03-13T15:03:08ZJunxiao Shi
<ul></ul><p>After the format and semantics of this KeyLocator is defined, I will agree with this feature.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=91332015-03-13T17:55:57ZYingdi Yuyuyingdi@gmail.com
<ul></ul><p>I forgot the reason, what do you plan to put it into KeyLocator?</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=91342015-03-13T17:58:09ZIlya Moiseenkoiliamo@ucla.edu
<ul></ul><p>KeyLocator of the Data packet points to the corresponding Manifest for verification purposes.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=91352015-03-13T18:08:20ZYingdi Yuyuyingdi@gmail.com
<ul></ul><p>I do not think we should use the digestSha256 for this purpose. Instead we should define an other signature type, because the security model is different. </p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=91362015-03-13T18:12:56ZIlya Moiseenkoiliamo@ucla.edu
<ul></ul><p>I initially wanted to have a "KeyLocator only" signature type, but you said that it is not good.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=91412015-03-13T19:34:55ZJunxiao Shi
<ul></ul><blockquote>
<p>KeyLocator of the Data packet points to the corresponding Manifest for verification purposes.</p>
</blockquote>
<p>This seems correct. But please post the exact TLV structure, and reserve relevant TLV-TYPE codes if necessary.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=107122015-06-18T15:50:17ZJunxiao Shi
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Rejected</i></li></ul><p>This Feature is rejected because its basis, <code>KeyChain::signWithSha256</code>, is deprecated in <a class="issue tracker-2 status-5 priority-2 priority-default closed" title="Feature: KeyChain: general signing API (Closed)" href="https://redmine.named-data.net/issues/2871">#2871</a>.<br><br>
If @Ilya still wants this Feature, please reopen the issue with an updated design.</p>
ndn-cxx - Feature #2641: KeyChain: SHA256-signing with custom KeyLocatorhttps://redmine.named-data.net/issues/2641?journal_id=107132015-06-18T16:04:29ZAlex Afanasyev
<ul></ul><p>The function described in this feature can be implemented using the generalized <code>KeyChain::sign(packet, SigningInfo)</code> method, with customized SignatureInfo block supplied as part of SigningInfo (not yet complete).</p>