Redesign clients registering in membrane-backend

[k-allagbe]

As discussed with @rngadam, the clients need a process to register to membrane without the need to manually exchange keys.

A solution for this would be an endpoint on membrane that would allow clients to download their configuration files (including server public key) at startup. But because the system should be a 2-way trust, there should also be a way to pass the client public key safely to the server which the server would then approve.

[k-allagbe]

@rngadam can you please elaborate on this a bit more? Fuzzy points on my part:

• approving the client public keys in the deployment github action
• approval with client app_id + secret
• the client keys could be disabled: this could contribute to runtime maintenance?

[rngadam]

First pass:

https://sequencediagram.org/index.html#initialData=C4S2BsFMAIFlILYCMBOBDAdjAwuEkNhoBBAB1OgCVIBzEAZ2HVAHsMAoTgEUgDcB5UvWgBaAHzRc+QmVIAuaDQKRmMANaQAnqTQgU0AGYt9UgsFnseAoaImmZ5BUqyroG7bv1H98ZOiwAyiq8KtDcfILC4pJ4ZrIKACaQpOAsmtDALNAAxqkArgmWETbR9uaO0PSQRO46etAEvHpsCGbQvGgoIGhIUPTsZbK2MdLl8pXAncDCeaQDsQ4UpQtjCggseYTCrX6YkAB0uaP7vXnJXYTzo0PRvqh7ZQoMcACisABClMQAci8A+u9iNgANIvb5cHJsAwgGh5FCQBIAfnYd38kDKw1ReyCKBCKAUAHEXgAVaAAeiquJUpDyvRA2Xc+1IiBRiHuWAxtzZaJxeIUAAUAKqko5mGl0hlaJmIQzGaBocgjOLkVm7QLBUJctWQXkqBQYFhEUjwpobejgdIK40sEJI6A0oiiwjivCSzTShDQNjQBIMNDgVIAdwR0DwjCK1iiEix6qp+Pl5BQNvUWllJhWFhjOo1+i17OzcbWyZyKxd9MZzM9mXlAZYwcKVkiw0GFRAGDA3WAMC7jAy-noaGyrA4LaW0e52JzCnhvvhQ7T8rywAAFmZ6Whh6r87rcxJG0IFD2iIhdOAtzyc82MxUZ3pIPPA2Bl4uV9B4fQ8uBphGm8trhVsihPRPTQJdV0Iddh2gQNjDUeggA

[rngadam]

@k-allagbe will prototype a first implementation of the sequence diagram above and give feedback for discussion.

[k-allagbe]

@rngadam what does the devops approbation process look like?

[rngadam]

@k-allagbe DevOps has access to all the secrets of the server, so I would think using the server private key to encrypt a message that can only be decrypted by membrane-backend containing the client app to enable.