This repository has been archived by the owner on Apr 29, 2020. It is now read-only.
Private Network Implementation #128
Comments
|
Linked with: ipfs/kubo#1633 |
|
This issue was moved to https://discuss.ipfs.io/t/private-network-implementation/290 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I need to set up a private IPFS network on the internet. I am trying to find the simplest solution that will hold until some more robust schema (PKI?) is in place. I am thinking of having a host (central authority) that hosts a list of trusted nodes (with public keys). Each node would have to log in to the host to retrieve the list of trusted nodes (and maybe initialize bootstrap). During secure connection handshake, a peer would cancel handshake should the provided public key is not from trusted set (or should the other peer cannot prove that it also holds the private key). Essentially, the nodes trust each other because both are trusted by the host (central authority) Does this make sense?
Assuming this makes sense, what would be a clean way to implement this feature and be accepted for inclusion into IPFS code base? My first thought is to have an interface called, say, TrustManager, that would be used during handshake. Different implementation would provide solutions for different trust schemas. Any thought?
The text was updated successfully, but these errors were encountered: