Each node should sign its message with its app-specific private key.
All nodes should get all other nodes' public keys, but only its own private key - where "own" relates to the application. So, by invoking some method, it should get a Map of app->public key, and its own private key.
Need a "key distribution" mechanism for the private keys: This mechanism must then be able to target "apps": Only nodes of this app should get these secrets, i.e. the private key. This cannot be a claim from the app: WRONG: "I am the Bank-app, give me the Bank private key". It must be an "offering" from the key distribution: CORRECT: "Here, you are Bank-app, and here is your private key".
The public keys are much simpler, as this could basically be distributed on any public repository.
Having this in place, each node of an app could verify that a message comes from the app that it actually claims that it comes from.
And with that in place, one can then implement an "Access Control List" mechanism: "I will only accept "withdraw money" messages from these two Apps".
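The scheme described in this issue, written out as an added Go example that is not part of the issue or the project's code: a node signs with its app's private key, and a receiver checks the claimed app against the app->public key map before applying a per-action ACL. Ed25519, the `Envelope` format and the names `KeyMap`, `Sign`, `Accept` and `NewAppKey` are assumptions; `NewAppKey` only stands in for the key distribution mechanism.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Envelope is a hypothetical wire format: claimed sender app, action, payload, signature.
type Envelope struct {
	From, Action string
	Body, Sig    []byte
}
type KeyMap map[string]ed25519.PublicKey // app -> public key, handed to every node

var ErrBadSig, ErrDenied = errors.New("unknown app or bad signature for claimed app"), errors.New("app not on ACL for action")

// signedBytes covers From and Action as well as Body; %q quoting keeps field boundaries unambiguous.
func signedBytes(from, action string, body []byte) []byte {
	return []byte(fmt.Sprintf("%q %q %x", from, action, body))
}

// Sign is run by a node with the private key it was handed for its own app.
func Sign(priv ed25519.PrivateKey, from, action string, body []byte) Envelope {
	return Envelope{from, action, body, ed25519.Sign(priv, signedBytes(from, action, body))}
}

// Accept authenticates the claimed sender, then checks the ACL (action -> allowed sender apps).
func Accept(keys KeyMap, acl map[string]map[string]bool, e Envelope) error {
	pub, known := keys[e.From]
	if !known || !ed25519.Verify(pub, signedBytes(e.From, e.Action, e.Body), e.Sig) {
		return ErrBadSig
	}
	if !acl[e.Action][e.From] {
		return ErrDenied
	}
	return nil
}

// NewAppKey stands in for the key distribution mechanism (constructed sample keys).
func NewAppKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

func main() {
	pub, priv := NewAppKey()
	acl := map[string]map[string]bool{"withdraw money": {"Bank": true}}
	fmt.Println(Accept(KeyMap{"Bank": pub}, acl, Sign(priv, "Bank", "withdraw money", []byte("100"))))
}
```

Because the signature covers the sender and the action, a node holding only another app's key cannot pass as "Bank", and a signed "check balance" envelope cannot be relabelled as "withdraw money". A correctly signed envelope from an app that is not on the ACL is refused with `ErrDenied`.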