Project

General

Profile

Actions

Task #4263

closed

Re-enable validation for remote routers for dataset requests

Added by Nicholas Gordon about 7 years ago. Updated almost 7 years ago.

Status:
Abandoned
Priority:
Normal
Assignee:
-
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Authorization of interests for remote routers has been disabled, and all requests for remote datasets are accepted. This is not the desired behavior, so this should be re-enabled using the v2 security suite.

Actions #1

Updated by Ashlesh Gawande almost 7 years ago

  • Parent task deleted (#3964)
Actions #2

Updated by Nicholas Gordon almost 7 years ago

For some reason I thought that this had been disabled at some point. However, it appears this was never enabled. Preliminary discussions have happened about the details of this, but nothing has been captured here. More thorough discussion will be necessary to delineate the fine details.

Actions #3

Updated by Junxiao Shi almost 7 years ago

StatusDataset is not meant to be authenticated. Even if you authenticate the Interest before publishing a new version of the dataset, the response is cached in the network, and anyone can find them via name discovery (sending Interests with incomplete names).
If it is desirable to protect the information, the response must be encrypted. An earlier version of management dispatcher design contains a ReplyEncryptCallback, but it did not make into the final design because there was no use case back then.

Actions #4

Updated by Nicholas Gordon almost 7 years ago

  • Status changed from New to Abandoned
  • Start date deleted (08/29/2017)

This issue has been abandoned on the grounds of urgency and relevance. The general consensus is that, even though this would be useful, there are many more important issues. Additionally, as there is no use case identifiable in the future, this has been abandoned. An issue will be filed in the future if a need presents itself.

Actions

Also available in: Atom PDF