-
Notifications
You must be signed in to change notification settings - Fork 13
NDNCERT Client Configuration
Zhiyi Zhang edited this page Sep 7, 2019
·
2 revisions
Client configuration, which contains a set of Certificate Authority (CA) information, is designed to be used for requesters to remember trusted CAs. Client configuration contains a list of CA information; for each CA entry, it contains:
- ca-prefix: CA name prefix
- ca-info: A readable name with a brief introduction of CA
- probe: If a CA requires a PROBE before the cert application, this field would contain a list of JSON attributes what should be used as a _PROBE parameter.
- certificate: A base64-format NDN certificate
Importantly, a client's configuration decides which CA is trustworthy, and thus the configuration MUST not contain any untrusted CA's information. A best practice is to obtain CA's information in a trusted, out-of-band manner, e.g., copy it from your employer's administration office.
A client configuration example:
{
"ca-list":
[
{
"ca-prefix": "/ndn/CA",
"ca-info": "NDN Testbed CA",
"probe": "email",
"certificate": "Bv0CJAcsCANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i85uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAES9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kqJczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdIMEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F"
}
]
}