Feature #2700
closed
pingserver: sign with DigestSha256
Added by Junxiao Shi over 10 years ago.
Updated over 10 years ago.
Description
ndnpingserver signs reply Data packets using the default identity, but ndnping doesn't verify the signature.
Signing without verification is wasted work.
ndnpingserver should always use DigestSha256 signing algorithm.
ndnping shouldn't add verification because the purpose of this tool is to test reachability, and Data spoofing isn't a major risk in current network operations.
I would suggest a slightly different way in the same direction:
- by default signing should be done with DisgestSha256
- if command-line parameter is specified, it is signed with the specified identity.
Signing could be useful for some other experiments, besides just ping.
Signing could be useful for some other experiments, besides just ping.
Can you explain more about what experiments need signing?
I don't know about experiments. Given it is not hard to keep function of real signing, I just prefer it to be kept.
I don't know about experiments. Given it is not hard to keep function of real signing, I just prefer it to be kept.
This is not a matter of "how hard it is".
The goal is simplicity: if there's no use case, don't have this feature.
I disagree with keeping RSA signing in this Feature.
RSA signing is useful only when paired with verification. We could add both RSA signing and validation in a future Feature.
- Assignee set to Eric Newberry
I'm going to go ahead and assign this task to myself. However, I'm still a bit confused as to what exactly it's requesting. Is the signing method being changed or removed from pingserver?
Alex agreed with using DigestSha256 exclusively at 20150508 conference call.
In the future, we could add signing and verification together, if a scenario arises.
- Status changed from New to Code review
- % Done changed from 0 to 100
Any update on the Gerrit change for this issue?
- Status changed from Code review to Closed
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by