Task #4263
closed
Re-enable validation for remote routers for dataset requests
0%
Description
Authorization of interests for remote routers has been disabled, and all requests for remote datasets are accepted. This is not the desired behavior, so this should be re-enabled using the v2 security suite.
Updated by
Updated by Nicholas Gordon almost 7 years ago
For some reason I thought that this had been disabled at some point. However, it appears this was never enabled. Preliminary discussions have happened about the details of this, but nothing has been captured here. More thorough discussion will be necessary to delineate the fine details.
Updated by Junxiao Shi almost 7 years ago
StatusDataset is not meant to be authenticated. Even if you authenticate the Interest before publishing a new version of the dataset, the response is cached in the network, and anyone can find them via name discovery (sending Interests with incomplete names).
If it is desirable to protect the information, the response must be encrypted. An earlier version of management dispatcher design contains a ReplyEncryptCallback, but it did not make into the final design because there was no use case back then.
Updated by Nicholas Gordon almost 7 years ago
- Status changed from New to Abandoned
- Start date deleted (
08/29/2017)
This issue has been abandoned on the grounds of urgency and relevance. The general consensus is that, even though this would be useful, there are many more important issues. Additionally, as there is no use case identifiable in the future, this has been abandoned. An issue will be filed in the future if a need presents itself.