Project

General

Profile

Feature #5112

Include certificate name in KeyLocator

Added by Junxiao Shi over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
3.00 h

Description

Currently, KeyLocator in Interest/Data signature carries the key name only.
When there are multiple certificates issued to the same key, including when the certificate has been renewed on the same key, the validator may be retrieving an unexpected certificate.

This issue is to put the certificate name into KeyLocator during signing, so that the validator can retrieve the certificate without additional configuration.


Related issues

Related to NFD - Feature #5114: Accommodate certificate name in KeyLocator in /localhop/nfd/rib validation rulesClosedJunxiao Shi

Actions
Related to ndn-cxx - Feature #5142: ValidatorConfig: Accommodate certificate name in hierarchical checkerClosedJunxiao Shi

Actions
Blocks ndn-cxx - Feature #5113: Override certificate name parts in KeyLocatorNew

Actions
#2

Updated by Davide Pesavento over 1 year ago

  • Category set to Security
#3

Updated by Junxiao Shi over 1 year ago

  • Related to Feature #5114: Accommodate certificate name in KeyLocator in /localhop/nfd/rib validation rules added
#4

Updated by Junxiao Shi over 1 year ago

  • Blocks Feature #5113: Override certificate name parts in KeyLocator added
#5

Updated by Alex Afanasyev over 1 year ago

  • Tags set to security
#6

Updated by Junxiao Shi 8 months ago

  • Related to Feature #5142: ValidatorConfig: Accommodate certificate name in hierarchical checker added

Also available in: Atom PDF