For applications, currently, it's impossible to bootstrap db / config from another node (securely). It has to be done from an outside source. This is because an application on one node is unable to verify the identity of another application on another node.
Ideally, one should be able to seed an application externally; once that is done, a seeded node can then be used to seed new nodes with no external intervention.
With the new PGP keys that get created, each node now has its own verifiable identity.
I propose exposing a service in the internal docker network only, whereby an application can call an endpoint in their private /24 network, say /pgp/sign (either query string or POST), with a small message, and the host will respond with a signature.
In order for this to be per app, the host would insert the app name into the message before signing.
This would allow for app developers to build the following workflow:
{App state is already configured from external source}
1/ New app node is spun up.
2/ Looks up other nodes' IP addresses.
3/ Contacts other node asking for config.
4/ Other node offers challenge - random bytes to sign.
5/ New app node calls internal signing service.
6/ Host uses PGP private key to sign message and sends sig to app.
7/ New app node returns signature.
8/ Other node looks up GPG pubkey via API.
9/ Other node validates signature (and that it was received in a timely manner).
10/ Other node confirms new app node identity.
11/ Other node provides new app node bootstrap config.
You would probably do the above both ways, i.e. both nodes validate each other.
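The challenge/response exchange from the steps above, written out as an added example; this is not code from the issue or from the project, and it makes a few assumptions: Go's standard-library Ed25519 stands in for the host's PGP key so the code runs offline, `hostSigner` plays the host's `/pgp/sign` service, `verifier` plays the already-seeded node (its `dir` map stands in for the pubkey lookup API), and the node IDs `node-a`/`node-b`, the app name `myapp` and the config string are made up. It carries the checks the steps imply but do not spell out: the host, not the app, prepends the app name; each challenge is random, single-use and bound to the node it was issued to; and a challenge is rejected once a freshness window has passed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

// challengeTTL bounds how long an issued challenge is accepted (step 9's "received in a timely manner").
const challengeTTL = 30 * time.Second

// hostSigner stands in for the host-side /pgp/sign service. Ed25519 replaces the host's
// PGP key here (an assumption so the example runs offline; the exchange is the same).
type hostSigner struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
}

func newHostSigner() (*hostSigner, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &hostSigner{priv: priv, pub: pub}, nil
}

// signingInput is the exact byte string the host signs: the host, not the calling app,
// prepends the app name, so an app cannot obtain a signature valid for another app.
func signingInput(appName string, msg []byte) []byte {
	return append([]byte(appName+"\n"), msg...)
}

// Sign models the app calling /pgp/sign on the docker-internal network (steps 5-6);
// appName is whatever the host itself determined the caller to be.
func (h *hostSigner) Sign(appName string, msg []byte) []byte {
	return ed25519.Sign(h.priv, signingInput(appName, msg))
}

// verifier is the already-seeded node: it issues random challenges (step 4), looks up
// the requester's public key (step 8) and checks the signature (steps 9-10).
type verifier struct {
	dir     map[string]ed25519.PublicKey // stands in for the pubkey lookup API
	pending map[string]time.Time         // nodeID+nonce -> when it was issued
	now     func() time.Time             // injectable clock so expiry is testable
}

func newVerifier(dir map[string]ed25519.PublicKey, now func() time.Time) *verifier {
	return &verifier{dir: dir, pending: map[string]time.Time{}, now: now}
}

// NewChallenge returns 32 random bytes, remembered together with the node they were issued to.
func (v *verifier) NewChallenge(nodeID string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	v.pending[nodeID+"\x00"+string(nonce)] = v.now()
	return nonce, nil
}

// Verify accepts a challenge once, within challengeTTL, only for the node it was
// issued to, and only if sig covers appName||nonce under that node's published key.
func (v *verifier) Verify(nodeID, appName string, nonce, sig []byte) error {
	key := nodeID + "\x00" + string(nonce)
	issued, ok := v.pending[key]
	if !ok {
		return errors.New("challenge unknown, already used, or issued to another node")
	}
	delete(v.pending, key) // single use: a replayed signature fails here
	if v.now().Sub(issued) > challengeTTL {
		return errors.New("challenge expired")
	}
	pub, ok := v.dir[nodeID]
	if !ok {
		return errors.New("no public key published for node")
	}
	if !ed25519.Verify(pub, signingInput(appName, nonce), sig) {
		return errors.New("signature does not verify")
	}
	return nil
}

// bootstrapOneWay runs steps 3-11 in one direction; run it once each way for mutual validation.
func bootstrapOneWay(seeded *verifier, requester *hostSigner, requesterID, appName string, config []byte) ([]byte, error) {
	nonce, err := seeded.NewChallenge(requesterID)
	if err != nil {
		return nil, err
	}
	if err := seeded.Verify(requesterID, appName, nonce, requester.Sign(appName, nonce)); err != nil {
		return nil, err
	}
	return config, nil
}

func main() {
	a, _ := newHostSigner()
	b, _ := newHostSigner()
	seeded := newVerifier(map[string]ed25519.PublicKey{"node-a": a.pub, "node-b": b.pub}, time.Now)
	cfg, err := bootstrapOneWay(seeded, b, "node-b", "myapp", []byte("db_host=10.0.0.5")) // constructed sample config
	fmt.Println(string(cfg), err)
}
```

Two points the code makes explicit: the host must establish the calling app's identity itself (for instance from the container's address on the internal network), because the app name is what scopes the signature, and the seeded node must only ever verify a nonce it generated, so a signature obtained by a different app, under a different host's key, or replayed after the window is rejected rather than accepted as a fresh proof.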