docs: spec of SafeBag format
This spec defines the TLV-based format of SafeBag, replacing the
previous SecureBag which uses DER-based encoding.
Change-Id: I001153bd3f4246a0f84656167b00c6387b2fea07
Refs: #3048
diff --git a/docs/examples.rst b/docs/examples.rst
index b107aa7..c1ad084 100644
--- a/docs/examples.rst
+++ b/docs/examples.rst
@@ -45,10 +45,10 @@
:emphasize-lines: 42,55-58,61,64,67,70,76
-Consumer that uses ndn::Scheduler
----------------------------------
+Consumer that uses Scheduler
+----------------------------
-The following example demonstrates how to use :ndn-cxx:`ndn::Scheduler` to schedule arbitrary
+The following example demonstrates how to use :ndn-cxx:`Scheduler` to schedule arbitrary
events for execution at specific points of time.
The library internally uses `boost::asio::io_service
@@ -57,7 +57,7 @@
Data). In addition to network-related operations, ``boost::asio::io_service`` can be used
to execute any arbitrary callback within the processing thread (run either explicitly via
``io.run`` or implicitly via :ndn-cxx:`Face::processEvents` as in previous examples).
-:ndn-cxx:`ndn::Scheduler` is just a wrapper on top of ``boost::asio::io_service``,
+:ndn-cxx:`Scheduler` is just a wrapper on top of ``boost::asio::io_service``,
allowing simple interface to schedule tasks at specific times.
The highlighted lines in the example demonstrate all that is needed to express a second
diff --git a/docs/index.rst b/docs/index.rst
index fcfc521..291fb72 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -18,6 +18,7 @@
INSTALL
examples
tutorials
+ specs
manpages
.. toctree::
@@ -39,8 +40,12 @@
+ :doc:`tutorials/security-library`
+ :doc:`tutorials/utils-ndn-regex`
+ :doc:`tutorials/security-validator-config`
- + :doc:`tutorials/signed-interest`
- + :doc:`tutorials/certificate-format`
+
+- :doc:`specs`
+
+ + :doc:`specs/signed-interest`
+ + :doc:`specs/certificate-format`
+ + :doc:`specs/safe-bag`
- :doc:`manpages`
diff --git a/docs/specs.rst b/docs/specs.rst
new file mode 100644
index 0000000..ca5810b
--- /dev/null
+++ b/docs/specs.rst
@@ -0,0 +1,9 @@
+Specifications
+==============
+
+.. toctree::
+ :maxdepth: 2
+
+ specs/signed-interest
+ specs/certificate-format
+ specs/safe-bag
diff --git a/docs/tutorials/certificate-format.rst b/docs/specs/certificate-format.rst
similarity index 100%
rename from docs/tutorials/certificate-format.rst
rename to docs/specs/certificate-format.rst
diff --git a/docs/specs/safe-bag.rst b/docs/specs/safe-bag.rst
new file mode 100644
index 0000000..2542f8d
--- /dev/null
+++ b/docs/specs/safe-bag.rst
@@ -0,0 +1,27 @@
+Export/Import Credentials
+=========================
+
+Sometimes, one may need to export credentials (e.g., certificate and private key) from
+one machine, and import them into another machine. This requires a secured container for
+sensitive information. We define **SafeBag**, which contains both an NDN certificate
+(:doc:`version 2.0 <certificate-format>`) and the corresponding private
+key which is encrypted in `PKCS#8 format <https://tools.ietf.org/html/rfc5208>`_.
+
+The format of **SafeBag** is defined as:
+
+::
+
+ SafeBag ::= SAFE-BAG-TYPE TLV-LENGTH
+ Certificate ; a data packet following certificate format spec
+ EncryptedKeyBag ; private key encrypted in PKCS#8 format
+
+All TLV-TYPE codes are application specific:
+
++---------------------------------------------+-------------------+----------------+
+| TLV-TYPE | Assigned code | Assigned code |
+| | (decimal) | (hexadecimal) |
++=============================================+===================+================+
+| SafeBag | 128 | 0x80 |
++---------------------------------------------+-------------------+----------------+
+| EncryptedKeyBag | 129 | 0x81 |
++---------------------------------------------+-------------------+----------------+
diff --git a/docs/tutorials/signed-interest.rst b/docs/specs/signed-interest.rst
similarity index 100%
rename from docs/tutorials/signed-interest.rst
rename to docs/specs/signed-interest.rst
diff --git a/docs/tutorials.rst b/docs/tutorials.rst
index d4bc089..c3c1ca1 100644
--- a/docs/tutorials.rst
+++ b/docs/tutorials.rst
@@ -7,5 +7,3 @@
tutorials/security-library
tutorials/utils-ndn-regex
tutorials/security-validator-config
- tutorials/signed-interest
- tutorials/certificate-format
diff --git a/docs/tutorials/security-library.rst b/docs/tutorials/security-library.rst
index 30d3de0..8ee8d40 100644
--- a/docs/tutorials/security-library.rst
+++ b/docs/tutorials/security-library.rst
@@ -251,7 +251,7 @@
%%%%%%%%%%%%%%%%%
The process of signing Interests according to the :doc:`Signed Interest specification
-<signed-interest>` is exactly the same as the process of signing Data packets:
+<../specs/signed-interest>` is exactly the same as the process of signing Data packets:
.. code-block:: cpp