-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Michael,
On 07/07/2013 07:26 AM, Michael Chen wrote: > Hi > > In the current p2psip-base-26, section 7.3.1, 7.3.2, 7.3.3, 7.3.4 and > 13.5.1, all refers to "the hash function for the overlay". For example, > > > In the USER-MATCH policy, a given value MUST be written (or overwritten) if > and only if the signer's certificate has a user name which hashes (using > *the hash function for the overlay*) to the Resource-ID for the resource. > Recall that the certificate may, depending on the overlay configuration, be > self-signed. > > > However, there is no such hash function defined in the configuration XML, > except the <self-signed-permitted> tag's "digest" attribute. The > <self-signed-permitted> tag does not exist for enrolled overlay > configuration. The hash function is indirectly defined by the <topology-plugin> element. When it is set to CHORD-OVERLAY (or if the element is not present), then the hash definition is the one in 10.2. > > While the RELOAD signature dynamically specifies the hash function in used, > we need an explicit hash function contract for other usage like computing > the Resource-ID from the SIP AoR. > > I propose moving the "digest" attribute out of <self-signed-permitted> tag > and into the top level <configuration> tag, alongside "instance-name", > etc., or adding a new attribute to that effect. > - -- Marc Petit-Huguenin Email: [email protected] Blog: http://blog.marc.petit-huguenin.org Profile: http://www.linkedin.com/in/petithug -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJR2X8/AAoJECnERZXWan7EwIcP/0D/J7eto9GgFOIv5p78X0/j bmJ2EmVPET61wGWiMB8p8jMBysmWKhjZ0D8ecGfoKgqJWYREbNLTdfRy0Jhk1FBI lJtZgDUVll8JpPuCNmbIEkwUFFWOHu8DTPKJW1SQzsudbgG5x3HaWKDpt1Qxg+yY L9YM3CtqRmrqRLJXi8JTSt+cf81TA0ocR3vGu6bumd5HmuqyOtn7yjmSOFEHqGsM d7Vm4c6Q2RlH/abGRE9/y8D1AcDy172Y81pYi6oAKZUQzuJbPPT8z5dOqDIRJtuT oiY2xPJixAvP9iSnuDRDsc+MCBBZ4wQbe84Nzlrpt4XDfgFtWP0RdI/krJnBx/og jy0eqvX23ci434HEkOwhm8sss5+T9/qX0mrfHDISGHZUcxjf9v76mve8Ko7vzs8c OXaC+z3cTl/k7RbrrwDes1IjsQ7GWSmzbnMQFdEKlv94KPPdNmVuWR/iUAeBrGUr OGkN6VrHLino7YA2gu76OBOKz0TxAKpfJ8gsGxx8t0H3ZM67f6Pjw7ZL2wiy+ers BGi/uC7GsWhtQJgOETeNYTasX+h/QYI0Sd+GawI2QmUc+xgaqu9fDhD58hJqxh5k nz2vbZRe+QnAQOUC1BNl+0TuqiD+VQ91wsgyBYIF/bWXrjMrFIhvCYqgYnAFEknv C/s2FSsK/kUzcd0/iXa0 =Ktvj -----END PGP SIGNATURE----- _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
