Comments (3)
Disclaimer: the comments below are from a quick read, i haven't thought it through in detail. I still need to review how TUF works exactly.
- Yeah, this (how to do key derivation / chaining) is an important problem to get right.
- I don't think we will find a one-scheme-fits-all solution, but rather should provide function primitives, like
descendsFrom(key, ancestorKey Key) bool
(offline) andhasBeenRevoked(key Key) bool
(online), and others. In the general case, for arbitrary records on DRS, people will have very different-looking PKIs and we don't necessarily want to force them to adopt a single one method of doing things. - But yes, it is worth picking one method for
ProviderRecords
and for IPNSRecords` so that all nodes can implement just one thing. - the above does time-based revocation, which may not be optimal on most DRS implementations.
- the above would generate tons of keys, one per record, with a multiplicative increase on the amount of data people have to download (and store!) per published data block (now they need to get a record, a key, and the data block). I think this is not a good strategy.
- the above also makes it impossible for peers to relay records offline-- (that is, peer A broadcasts record Ra, peer B receives it. A goes offline. peer B and C establish a connection. peer B tries to send C record Ra. Ra is invalid for C, as C is not receiving Ra from A). record relaying will be a really good way to get efficient and robust record distribution.
- one other thing, we actually shouldn't necessarily require that the root key be used for setting up crypto channels. we should probably be using derived keys there too.
- however, before we create an explosion of derived keys, we need a detailed survey of many more approaches.
- what we should focus on is the abstractions, DRS should have functions to check the validity of keys that can be improved over time
I agree we need to find the right way to do key {storage, derivation, rotation, etc}. But this is a much larger thing than signing records, because it impacts how keys are stored, what keys are stored online vs offline, agents, and so on.
from specs.
- also note that the attack mentioned is on ECDSA, not all signing algorithms. Attacks vary according to the key signing algorithms used, so PKI structures + record validity algorithms will have to vary according to key signing algorithm coices, so DRS needs to be able to (a) offload the final choice to the user (via good interfaces), and (b) ship with sane defaults (e.g. ways to do it with RSA, ECDSA, etc)
from specs.
In any case, really good to get the discussion started. what we should do is gather a bibliography, and multiple other people who can help design the right support for the various schemes.
from specs.
Related Issues (20)
- gateway: CORS and `Cache-Control: only-if-cached` HOT 1
- Specialized Subset(s) of the Public IPFS Swarm HOT 6
- Mismatch with spec on casing HOT 2
- Shared / Multisig / Sharded IPNS Keys HOT 2
- website: monitor site availability over HTTP and IPFS HOT 1
- Feature: optional routing hints in gateway requests HOT 1
- gateway: add CORS to specs
- gateway: CDN-Loop
- gateway: batching raw block requests (AKA userland traversal of DAGs with unknown codecs)
- IPNS Publisher Key Seed Phrases
- Add specification for Web Pathing
- Gateway: define a protocol.ID for the gateway protocol. HOT 2
- Remove Kubo (userland) specifications
- WebSeed specifications HOT 1
- specs.ipfs.tech uses absolute URLs for links, assets
- New IPNS key types HOT 3
- _redirects spec clarification
- website: link to conformance.ipfs.tech from specs.ipfs.tech
- gateway: run Unicode Normalisation Forms on path gateway inputs HOT 2
- bug: accept header vs format query param precedence
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from specs.