Skip to content

[WIP] Persistent TLS certificates; Simplify Ursula Initialization #2535

Closed
KPrasch wants to merge 7 commits intonucypher:mainfrom
KPrasch:tomogatchi
Closed

[WIP] Persistent TLS certificates; Simplify Ursula Initialization #2535
KPrasch wants to merge 7 commits intonucypher:mainfrom
KPrasch:tomogatchi

Conversation

@KPrasch
Copy link
Copy Markdown
Member

@KPrasch KPrasch commented Jan 22, 2021
edited
Loading

Type of PR:

  • Bugfix
  • Feature
  • Documentation
  • Other - (Code Quality)

Required reviews:

  • 1
  • 2
  • 3

What this does:

  • Bugfix: Ensure that persistent public TLS certificates are used for worker servers
  • Ensure that persistent powers are derived from keyrings
  • Reduce and simplify internals of Ursula's construction

Issues fixed/closed:

TBD

Why it's needed:

  • Improves node availability: Allows public TLS certificates to be properly reused for connection handshakes
  • Preserves browser security exceptions 🎉
  • Better readability and maintainability for characters

Notes for reviewers:

  • Currently This PR is conceptual and will be subjected to a reset and history rework
  • May introduce new side-effects: When do certificates need to be recreated or renewed?
    • IP address changes
    • Certificate Expiration
  • How/when to force re-validation and download a fresh copy of a certificate from a peer

Co-Authorship

Co-Authored-By: vepkenez gdamon@gmail.com
Co-Authored-By: Derek Pierre derek.pierre@gmail.com

@KPrasch KPrasch added Bug 🐛 Broken functionality Code Quality 🔧 Pertaining to code quality improvements Ursula 👩‍🚀 Effects the "Ursula" development area labels Jan 22, 2021
derekpierre
derekpierre reviewed Jan 22, 2021
View reviewed changes
nucypher/characters/lawful.py
for power_up in self._default_crypto_powerups:
power = self.keyring.derive_crypto_power(power_class=power_up, host=self.interface.host)
crypto_power_ups.append(power)
def __get_hosting_power(self, host: str) -> TLSHostingPower:
Copy link
Copy Markdown
Member

@derekpierre derekpierre Jan 22, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥 🎸

@KPrasch KPrasch closed this Jan 22, 2021
@KPrasch KPrasch mentioned this pull request Jan 22, 2021
Merged
7 tasks
@KPrasch
Copy link
Copy Markdown
Member Author

KPrasch commented Jan 22, 2021

Replaced by #2536

@KPrasch KPrasch deleted the tomogatchi branch January 22, 2021 19:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@derekpierre derekpierre derekpierre left review comments

@vepkenez vepkenez Awaiting requested review from vepkenez

Assignees

@vepkenez vepkenez

@KPrasch KPrasch

@derekpierre derekpierre

Labels

Bug 🐛 Broken functionality Code Quality 🔧 Pertaining to code quality improvements Ursula 👩‍🚀 Effects the "Ursula" development area

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@KPrasch @derekpierre @vepkenez