TZDB distribution over NDN.
While this repository focuses on applying NDN to TZDB distribution, this solution can apply to any few producer, massively multiple consumer distributions.
Special thanks to Varun Patil as his implementation of Ownly was a basis for a lot of this repository.
Using NDN's State Vector Sync At Least Once (SVS-ALO) transport mechanism, a few producers can publish data to many consumers at the same time.
Both producers and consumers will have to bootstrap on to the NDN testbed. This requires users to generate their testbed certificates using NDNCERT. Users' identity is determined by their email address; NDNCERT can verify identity by comparing a numeric code sent via email. This is an unfortunate requirement; in order for users to register prefixes (receive data), they must have a testbed identity. This is enforced by the operators of the NDN testbed nodes.
A producer will run the producer executable. Producers will publish the complete set of TZ data within a file called tzdata.zi.xz. This file is an XZ compressed main.zi file, which was minimized by zishrink.awk (see the tz repository for more info).
A consumer will (as a daemon) run the consumer executable. Consumers may choose which files to subscribe to (e.g., only subscribing to northamerica if you live in Los Angeles). This will write files to some output directory, in which users may compile the timezone info using the zic executable.
Downstream distributors (e.g., Unicode CLDR) may choose to act as both consumers and producers. On a new release, CLDR may choose to republish their own files under some other distributor name.
tzndn relies on the NDN testbed as the ultimate source of trust. All user certificates are signed by the testbed root certificate (app/testbed.root.cert). More work is needed to allow for graceful migration when the testbed certificate expires.
Enforced by a trust schema (app/schema.trust), only publications by certain users will be accepted. As publishers sign each publication with their testbed certificate, consumers will only accept publications signed by certain testbed certificates.
Keys and certificates are cached on device in the ./keychain directory (relative to where the executable is ran).
Producers will not always be online (although they may choose to by keeping the producer executable running). This application supports NDN Repo, a transient network store that will serve publications even when the producers are offline.
- Make sure Go 1.24.0 is installed. Python 3.10 is required to make updates to the trust schema.
- If you're not
[email protected]or[email protected], you'll have to make updates to the trust schema so that users will verify you as an approved publisher. Runmake schemato update the schema. - Modify
config/main.go. The most important variables to modify are theOutputDir(if a consumer), theInputDir(if a producer), and theUserPrefix. - Run
maketo produce aproducerexecutable inbin/producerand aconsumerexecutable inbin/consumer.
Both executables take two arguments, the first being the files to publish/subscribe to (not a path, just the filename). all will publish/subscribe to all the files listed in config/main.go.
The second argument is your email identity. When running the executable, NDNCERT will prompt you for the verification code sent to your email.