Project

General

Profile

Task #3920

Updated by Zhiyi Zhang over 7 years ago

Goals: 

 * Before TrustSchemaPolicy is implemented, this conversion would allow removal of all v1 keychain and validation code 
 * code. The commit should also remove the unused code (e.g. ValidatorRegex) 
 * For existing use of v1 validator in ndn-cxx, convert to v2 validator at the same time. 

 The v2::Validator would take ValidationPolicy to check whether signed data/interest satisfy the validation policy. 

 ValidationPolicy: 

 * ValidationPolicyAcceptAll: accept all signed interest/data without checking 
 * ValidationPolicyCommandInterest: to check the timestamp of a stop-and-wait command Interest. 
 * ValidationPolicySimpleHierarchy: check the signature using a simple hierarchy trust model. The validator would directly fetch certificates according to KeyLocator. 
 * ValidationPolicyConf: enable the naming convention check based on configure 

 To enable more complex and flexible policy, we introduce inner policy as the member variable of ValidationPolicy. This inner policy enables the combination of multiple policies.  

 e.g. One can use ValidationPolicyCommandInterest to check the signed interest's timestamp. To check the remainder parts (signatures of data packets and interest packets), one can use ValidationPolicySimpleHierarchy as the inner policy of ValidationPolicyCommandInterest. In this way, all data packets and interests that satisfy the ValidationPolicyCommandInterest would then use ValidationPolicySimpleHierarchy to finish the remainder checking. 

Back