Project

General

Profile

Feature #5112

Include certificate name in KeyLocator

Added by Junxiao Shi 9 months ago. Updated 9 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
3.00 h

Description

Currently, KeyLocator in Interest/Data signature carries the key name only.
When there are multiple certificates issued to the same key, including when the certificate has been renewed on the same key, the validator may be retrieving an unexpected certificate.

This issue is to put the certificate name into KeyLocator during signing, so that the validator can retrieve the certificate without additional configuration.


Related issues

Related to NFD - Feature #5114: Accommodate certificate name in KeyLocator in /localhop/nfd/rib validation rulesClosedJunxiao Shi

Actions
Related to ndn-cxx - Feature #5142: ValidatorConfig: Accommodate certificate name in hierarchical checkerClosedJunxiao Shi

Actions
Blocks ndn-cxx - Feature #5113: Override certificate name parts in KeyLocatorNew

Actions
#2

Updated by Davide Pesavento 9 months ago

  • Category set to Security
#3

Updated by Junxiao Shi 9 months ago

  • Related to Feature #5114: Accommodate certificate name in KeyLocator in /localhop/nfd/rib validation rules added
#4

Updated by Junxiao Shi 9 months ago

  • Blocks Feature #5113: Override certificate name parts in KeyLocator added
#5

Updated by Alex Afanasyev 9 months ago

  • Tags set to security
#6

Updated by Junxiao Shi about 1 month ago

  • Related to Feature #5142: ValidatorConfig: Accommodate certificate name in hierarchical checker added

Also available in: Atom PDF