named-data-iot / ndn-lite

A lightweight NDN protocol stack with high-level application support including security bootstrapping, access control, trust management, etc.
https://ndn-lite.named-data.net
GNU Lesser General Public License v3.0

Include certificate name in KeyLocator #72

Open yoursunny opened 4 years ago

yoursunny commented 4 years ago

Currently, KeyLocator in Interest/Data signature carries the key name only. When there are multiple certificates issued to the same key, including when the certificate has been renewed on the same key, the validator may be retrieving an unexpected certificate.

This issue is to put the certificate name into KeyLocator during signing, so that the validator can retrieve the certificate without additional configuration.
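An added illustration of the ambiguity described above (not part of the issue or of ndn-lite's code), assuming the NDN certificate naming convention `/<identity>/KEY/<key-id>/<issuer-id>/<version>`. The store contents and function names are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed store: k1 has an original and a renewed certificate. */
static const char *CERT_STORE[] = {
  "/example/device/KEY/k1/home-ca/v=1",
  "/example/device/KEY/k1/home-ca/v=2",
  "/example/device/KEY/k2/home-ca/v=1",
};
#define N_CERTS (sizeof(CERT_STORE) / sizeof(CERT_STORE[0]))

/* Component-aligned prefix match, as an Interest name matches Data names. */
static int name_is_prefix(const char *prefix, const char *name) {
  size_t n = strlen(prefix);
  return strncmp(prefix, name, n) == 0 && (name[n] == '\0' || name[n] == '/');
}

/* Hypothetical lookup: number of stored certificates a KeyLocator name
 * could resolve to; *first receives the first match. */
int locate_certs(const char *key_locator, const char **first) {
  int count = 0;
  for (size_t i = 0; i < N_CERTS; i++) {
    if (!name_is_prefix(key_locator, CERT_STORE[i])) continue;
    if (count++ == 0 && first) *first = CERT_STORE[i];
  }
  return count;
}

/* Components after "KEY": 1 = key name, 3 = certificate name;
 * returns -1 if the name has no KEY component. */
int components_after_key(const char *name) {
  const char *p = strstr(name, "/KEY/");
  int n = 0;
  if (!p) return -1;
  for (p += 4; *p; p++)
    if (*p == '/' && p[1] != '\0') n++;
  return n;
}

int main(void) {
  const char *names[] = { "/example/device/KEY/k1",
                          "/example/device/KEY/k1/home-ca/v=2" };
  for (int i = 0; i < 2; i++) {
    const char *first = NULL;
    int n = locate_certs(names[i], &first);
    printf("%s -> %d candidate(s), first=%s, after KEY=%d\n",
           names[i], n, first ? first : "(none)", components_after_key(names[i]));
  }
  return 0;
}
```

With the key name in KeyLocator, two certificates match and the one returned depends on store order; with the full certificate name, exactly one matches.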

yoursunny commented 4 years ago

Cross-project links: https://redmine.named-data.net/issues/5112 https://github.com/zjkmxy/python-ndn/issues/13