private-network RFC

[farhoud]

No description provided.

[gitaaron]

What is the purpose of building a temporary workaround to auth/ACL instead of just waiting for the auth/ACL to be developed?

[farhoud]

@gitaaron
I don't think the security layer that cover all the stories would be ready in at least 3 month. and also i personally can't relay on access control by encryption only to make user safe. with this solution we can demo useful box and photo in in around a week.
As @masih mention i should explain more on public network risk's

[gitaaron]

@farhoud thanks for the clarification. I am still not sure where this PR is coming from (probably because I joined the team after this work commenced). Could you please share a few of the use cases / user stories this PR is solving? What I am trying to understand is how this PR will directly impact BOX customers and their capabilities.

[gitaaron]

It seems to me that this PR is trying to cover two different scenarios -

1. Private communication between the fula-client and fula-api (eg/ uploading a photo to a BOX and retrieving a photo from a BOX)
2. Private communication between BOXes or other 'peers' in the fula-network (eg/ data syncing)

Is that correct?

[farhoud]

yes. and i try to add more on it.

[gitaaron]

This sounds related to the discussion @masih and @ruffiano89 were having around the question -

what is the relationship between DID and PeerId?

[farhoud]

I think by adding the human readable password i make this PR a little bit complicated. but my thinking was asking user to enter a 64 character in web app or photo's is painful task so i suggest to change it to more human readable think.

[farhoud]

I will try to separate them.

[farhoud]

I think when we can use DID instead of Peer id to connect (verified connection) box <---> box and client <---> box which also most cover internal IPFS like bitsawp engine then that's the end of life for this proposal

[farhoud]

I think when we can use DID instead of Peer id to connect (verified connection) box <---> box and client <---> box which also most cover internal IPFS like bitsawp engine then that's the end of life for this proposal

like the libp2p gatekeeper should use the DID to let others connect to my box or ... .

[farhoud]

and if we want to use ipfs-cluster then it also have to cover a lot of ground on go lang too.

[gitaaron]

Perhaps this could be broken into its own doc? The doc would answer the question - what is the user interface that enables us to provide a human friendly password and generate a shared swarm.key at the same time? Once again sounds related to what @ruffiano89 is working on.

[farhoud]

I think by adding the human readable password i make this PR a little bit complicated. but my thinking was asking user to enter a 64 character in web app or photo's is painful task so i suggest to change it to more human readable think.

[farhoud]

I don't see any overlapping. we are working at different layer.

[masih]

Great start 👍

[masih]

Expand on this please.

[farhoud]

@gitaaron
Can you collaborate with me on this?

[gitaaron]

Apologies I think I am mistaken on the use case / purpose of this PR. You can remove this.

[masih]

We also need to talk about how the network is joined together. So far this reads as a simple key generation RFC.

[farhoud]

I will try to add current network topology to background and also how network join in the proposal

[masih]

Consider providing an overview of steps, where each sub section expands on.

[masih]

• Capitalise first letter in paragraphs. I'll stop pointing this out for the rest of the document.

• Seems like there is a specific place in code you envision this needs to be added? If so, link it up.

[masih]

Flesh this out as a case study with more details. Remove <br/>?

[farhoud]

@masih @gitaaron
I try to cover all the feed back but i still have to work on implementation and case study. its more of preview can u review it.

[farhoud]

The second draft is ready.