Signed Interest is a mechanism to issue an authenticated Interest.
A signed Interest is an Interest where:
Name ends with
See Interest Signature for details on the format of the
Construction of Signed Interests#
The following procedure describes the signing of an Interest:
Nameif present, regardless of the location.
ApplicationParameterselement is absent, append a zero-length
ApplicationParameterselement to the Interest.
InterestSignatureInfoelement and append it at the end of the Interest.
Compute the cryptographic signature according to the Interest Signature section.
Insert the computed signature as an
InterestSignatureValueelement at the end of the Interest.
ParametersSha256DigestComponentaccording to the Parameters Digest Component section and append it at the end of
Processing of Signed Interests#
Upon receiving an Interest, the producer, according to the Interest name prefix, should be able to tell whether the Interest is required to be signed.
If the received Interest is required to be signed, the application protocol or the producer should also explicitly define whether
SignatureSeqNum must be present in
InterestSignatureInfo or not.
If any of the required elements is missing, treat the Interest as invalid.
Additionally, a signed Interest must be treated as invalid if any of the following conditions is true:
The last name component is not
ParametersSha256DigestComponent, or its TLV-VALUE is incorrect according to the Parameters Digest Component section.
InterestSignatureInfoelement is missing or any mandatory sub-element is missing from the
InterestSignatureValueelement is missing.
The signature cannot be cryptographically verified.
The key used to create the signature is not trusted for signing the Interest.
SignatureTime(t) is present in the
Lookup the last recorded
SignatureTime(t0) used in conjunction with the same key. Use
CurrentTime - GracePeriodif no previous record exists. The recommended grace period is 60 seconds. If t0 >= t, consider the Interest as invalid. Set t0 to t if the signed Interest has been validated according to this and all other rules.
Sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner’s responsibility to keep clocks synchronized.
To perform this check, the recipient must remember a list of
SignatureNoncecarried in previously received Signed Interests used in conjunction with the specific signing key. Check whether the
SignatureNoncecarried in the current signed Interest is a repetition of a recorded
SignatureNonceused with the same key. If it is a repetition, treat the Interest as invalid. Add the newly received
SignatureNoncelist if the signed Interest has been validated according to this and all other rules.
The size of the
SignatureNoncelist and the lifetime of each
SignatureNonceremembered by the receiver depend on the application protocol’s need.
SignatureSeqNum(s) is present:
Lookup the last recorded
SignatureSeqNum(s0) used in conjunction with the same key. If s0 >= s, consider the Interest as invalid. If no previous record exists, check s against the application policy. If s does not satisfy the application policy, treat the signed Interest as invalid. Set s0 to s if the signed Interest has been validated according to this and all other rules.
SignatureSeqNumreceived is considered valid only if it satisfies the application’s policy. For example, application can decide the first
SeqNumcan only be a minimum value like 0 or 1, or a value that both sender and receiver agree on.