KITE » History » Revision 10
Revision 9 (Zhongda Xia, 12/02/2020 12:22 AM) → Revision 10/11 (Davide Pesavento, 12/02/2020 12:34 PM)
# KITE The **KITE protocol** allows building forwarding paths for prefixes using *authenticated* "authenticated" Interest-Data exchanges between a Mobile Producer mobile producer (MP) and a trusted Rendezvous Server (RV). An MP sends a **KITE request** (a signed Interest), which is forwarded to the RV because the RV announces a prefix of the name. The KITE request leaves traces in the stateful forwarding plane (PIT entries) of the traversed routers, entries), constructing a reverse forwarding path for Data to be sent back forwarded to the MP. The RV will verify the information carried in the KITE request (primarily the signature, hence and thus the phrase term "authenticated Interest-Data exchange") exchange"), and will respond to legitimate requests with a **KITE acknowledgment** (a acknowledgment**, a Data packet). packet, for legitimate KITE requests. The KITE acknowledgment sent by the RV will trigger intermediate routers forwarders to save the reversed forwarding path for Data as Interest forwarding information, for a prefix specified by the name of the Interest-Data exchange. ## KITE Request A **KITE request** is essentially a [signed Interest](https://named-data.net/doc/NDN-packet-spec/0.3/signed-interest.html) signed Interest as specified in the v0.3 packet format (https://named-data.net/doc/NDN-packet-spec/current/signed-interest.html) that carries both a timestamp and a nonce to prevent replay attacks. for replay-attack prevention. A KITE request is signed and sent by an MP and to be verified by an RV. RV, An Interest packet that satisfies the following requirements is a KITE request: * Conforms to the signed Interest specification. specifications. * With the trailing `ParametersSha256DigestComponent` ApplicationParameters digest removed, the remaining (leading) leading part of the name conforms to KITE request name specification specifications (see below). * Optionally, the `ApplicationParameters` element The ApplicationParameters contains the expiration period for the forwarding path. This must be path (optional), which is a TLV element block of type `ExpirationPeriod` (see [[nfd:ControlCommand]]). Type "tlv::nfd::ExpirationPeriod". KITE request name specification: specifications: * Starts with an *RV prefix*, **RV prefix**, i.e., a prefix announced by an RV. * Followed by a "`32=KITE`" **"32=KITE"** keyword name component. * Ends with a *producer suffix*, **producer suffix**, i.e., one or more arbitrary name components. The concatenation of an RV prefix and a producer suffix in the same KITE request name is the **producer prefix** specified in this name. The forwarding path to be set up is for the producer prefix. For example, given for RV prefix `/RV` and = /RV, producer suffix `/Alice`, = /Alice, thus making the producer prefix `/RV/Alice`, /RV/Alice, the full name of the corresponding KITE request should be: ~~~ /RV/32=KITE/Alice/<ParametersSha256DigestComponent> /RV/32=KITE/Alice/<parameter digest> ~~~ ## KITE Acknowledgment A **KITE acknowledgment** is a Data packet sent by the RV for an Interest (a KITE request) **KITE request**) that passes verification. A KITE request that passes the verification is supposed to be sent by the owner of the specified producer prefix for which the forwarding path is set up. A Data packet that satisfies the following requirements is a KITE acknowledgement (note that a KITE acknowledgment is always generated in response to a KITE request): * Has the same name as the with a KITE request. * `ContentType` ContentType is 6 (KITE Acknowledgment). * Carries Carry a *prefix announcement* (PA) prefix announcement object as payload (see [[nfd:PrefixAnnouncement]]). The payload, and the "announced prefix" indicated by the PA object must be the same as the producer prefix specified in the name (refer to KITE request specification specifications for determining the producer prefix). * The payload only consists of a prefix announcement object in data form, no other content.