Feature #3776
closed
ndnsec-set-default: warn if item doesn't exist
0%
Description
When a non-existent identity/key/certificate is specified to be set as default in ndnsec-set-default, it is silently created.
In most cases, the operator wants to set an existing identity/key/certificate as the default rather than creating a new one, because creating new identity as default is already supported by ndnsec-keygen command.
ndnsec-set-default should print a warning if new identity/key/certificate is being created, to alert the operator about possible human error.
Updated by
Updated by Junxiao Shi over 7 years ago
- Tracker changed from Bug to Feature
- Subject changed from ndnsec allows default identity to be set to unavailable cert with no warning to ndnsec-set-default: warn if item doesn't exist
- Description updated (diff)
- Category set to Tools
- Start date deleted (
09/11/2016) - Estimated time set to 3.00 h
Original title: ndnsec allows default identity to be set to unavailable cert with no warning
Original description:
What is the purpose for supporting this behavior?
$ ndnsec list
/ndn/edu/ucla/remap/jburke
- /ndn/edu/ucla/jburke /ndn/edu/jburke/golem
$ ndnsec set-default /dish/soap
[Silence...]
$ ndnsec list
- /dish/soap <= not available /ndn/edu/ucla/jburke/golem /ndn/edu/ucla/remap/jburke /ndn/edu/ucla/jburke
Even if identities without certs can be added, I would suggest that set-default should warn or fail if the cert isn't available.
Updated by Davide Pesavento over 7 years ago
This ticket should be moved to ndn-cxx project.
Updated by Junxiao Shi over 7 years ago
- Project changed from NFD to ndn-cxx
- Category changed from Tools to Security
Updated by Junxiao Shi almost 7 years ago
- Status changed from New to Closed
As of ndn-cxx 0.5.1-91-g3f205e2:
vagrant@m0212:~$ ndnsec list
/identity
vagrant@m0212:~$ ndnsec-set-default /new-identity
ERROR: Identity /new-identity does not existvagrant@m0212:~$
This problem no longer exists, but the output is missing a newline at the end.