libp2p + HTTP: Peer Authentication#481
Closed
marten-seemann wants to merge 1 commit intomarco/libp2p-httpfrom
Closed
libp2p + HTTP: Peer Authentication#481marten-seemann wants to merge 1 commit intomarco/libp2p-httpfrom
marten-seemann wants to merge 1 commit intomarco/libp2p-httpfrom
Conversation
MarcoPolo
reviewed
Nov 21, 2022
|
|
||
| The client proves ownership of its private key by signing a value provided by the server. The server then issues an authentication token, which the client then sets as a header field on subsequent requests to the server. To allow the server to operate statelessly, it MAY encode the client’s peer ID into the authentication token. | ||
|
|
||
| TODO: specify endpoints and what exactly to sign. Or maybe there’s prior art we can reuse? |
Contributor
There was a problem hiding this comment.
Haven't thought too much about this, but it would be great if we could use webauthn here
Merged
marten-seemann
commented
Jan 22, 2023
Comment on lines
+32
to
+36
| ### On-Demand Server Authentication | ||
|
|
||
| In order to learn and verify the server’s peer ID, the client MAY use a challenge-response protocol. The client issues a POST request to a predefined HTTP endpoint, and the server signs this value (concatenated to a const string) with its private key. It then transfers its public key and the signature to the client. | ||
|
|
||
| TODO: this is really straightforward, but we need to specify how exactly this works |
Contributor
Author
There was a problem hiding this comment.
This doesn't work for the reasons outlined in #508 (comment).
Contributor
|
Closing this in favor of focusing on #508 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Building on a lot of discussions that happened prior to and during IPFS Camp, and with @MarcoPolo.