-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
private networks -- shared key or with a PKI #1633
Comments
Can you elaborate? I am currently thinking about exchanging private data via IPFS, and how to ensure that the data can stay within a controlled cluster. (Think medical images in a hospital, which has strict requirements w.r.t. leak prevention.) |
@hmeine we will allow creation of completely private IPFS networks. the plan is to:
This issue is really about mode (1) (shared key). but we will implement both eventually. (1) should work for you fine, but will leave it up to you to do key rotation to ensure long term security (as nodes join / leave the network, or as human operators join / leave the organization) tl;dr: once this is fixed, you'll be able to start your nodes with:
and you can rotate |
Thanks for the explanation. This would be really useful for our use case, it seems. |
Hi. You mentioned the end of Sept last year that this was coming soon. Can you provide an update of where we are and how this fits with priorities. Am interested in this and want it to be compatible if possible or contribute. Do you have a blueprint? |
I'm also interested to know the current state of private network support. |
http://ilpubs.stanford.edu:8090/626/1/2003-74.pdf discusses a hierarchical DHT. This generates an onion-like structure of accessability domains. I think this is a very flexible and elegant way to achieve privacy in a distributed system. Originally, I wanted to implement this from scratch for my usecase (research data publication with institute file space < university file space < global filespace), however, since I found out about IPFS, I wonder whether something like that can also be achieved in the IPFS ecosystem. |
@troyronda has a proposal about trust management here: https://github.com/securekey/go-ipfs/blob/a2c73ac501f602a2dbbe5260ec7e7fec4d30ee60/docs/trusted-private-network.md |
Where can one comment on this proposal? |
The thread is here: ipfs/notes#146 |
👍 Thanks for supporting private ipfs networks with shared key #3697 |
@salsa-dev Thats great to hear! If you have any feedback on it we would love to hear it here: #3404 |
I'm closing as the original discussion for this was resolved by choosing shared key, and it is a libp2p-land feature these days anyway. |
No description provided.
The text was updated successfully, but these errors were encountered: