Feature #2856
open
Confine registered prefix within identity
Added by Junxiao Shi almost 9 years ago.
Updated almost 9 years ago.
Description
In prefix registration, confine registered prefix to the signer's identity.
- Add a
prefix_confinement boolean option to RIB configuration.
The following rules apply only if this option is set to true.
- A prefix registration/unregistration command is rejected if the signer's identity is not a prefix of the registered prefix.
20150605 conference call concludes that ndn-cxx ValidatorConfig or its successor trust schema is incapable of implementing this confinement, because registered prefix is part of CommandParameters struct that is encoded into a NameComponent, and ValidatorConfig or trust schema is unable to understand or decode this struct.
There are two possible solutions:
- Change ControlCommand or RibMgmt protocol so that the prefix is exposed as multiple NameComponents, such as:
/localhop/nfd/rib/register/org/example/my-prefix/<other-parameters>/<signature>.
The trust schema would be able to match the prefix.
- Implement the confinement in
RibManager code.
It's decided to take the second approach, in order to avoid the major protocol change which would affect all client libraries and applications.
It's also noted that, with the Management Dispatcher design (#2200), a custom authorization function can be specified for rib/register and rib/unregister commands, which allows easy implementation of the confinement in code.
- Blocked by Task #2857: Refactor RibManager to use ManagementDispatcher added
- Blocked by Bug #2063: CommandValidator uses deprecated CommandInterestValidator added
Also available in: Atom
PDF
Updated by