Feature #2856
openConfine registered prefix within identity
0%
Description
In prefix registration, confine registered prefix to the signer's identity.
- Add a
prefix_confinement
boolean option to RIB configuration. The following rules apply only if this option is set to true. - A prefix registration/unregistration command is rejected if the signer's identity is not a prefix of the registered prefix.
Updated by Junxiao Shi over 9 years ago
20150605 conference call concludes that ndn-cxx ValidatorConfig or its successor trust schema is incapable of implementing this confinement, because registered prefix is part of CommandParameters
struct that is encoded into a NameComponent, and ValidatorConfig or trust schema is unable to understand or decode this struct.
There are two possible solutions:
- Change ControlCommand or RibMgmt protocol so that the prefix is exposed as multiple NameComponents, such as:
/localhop/nfd/rib/register/org/example/my-prefix/<other-parameters>/<signature>
. The trust schema would be able to match the prefix. - Implement the confinement in
RibManager
code.
It's decided to take the second approach, in order to avoid the major protocol change which would affect all client libraries and applications.
It's also noted that, with the Management Dispatcher design (#2200), a custom authorization function can be specified for rib/register and rib/unregister commands, which allows easy implementation of the confinement in code.
Updated by Junxiao Shi over 9 years ago
- Blocked by Task #2857: Refactor RibManager to use ManagementDispatcher added
Updated by Junxiao Shi over 8 years ago
- Blocked by Bug #2063: CommandValidator uses deprecated CommandInterestValidator added