Decide on the encryption strategy for items/files

decentralized-identity / decentralized-web-node

Decentralized data storage and message relay for decentralized identity and apps.

https://identity.foundation/decentralized-web-node/spec/

Apache License 2.0

402 stars 79 forks source link

Decide on the encryption strategy for items/files #59

Open csuwildcat opened 3 years ago

csuwildcat commented 3 years ago

Requirements to consider:

Encryption should allow for external entities to access and decrypt the items they are granted permission for.
Encryption should not require undue duplication and expensive client processes to effect (e.g. re-encryption/re-keying)
Permissions can change dynamically, adding or removing external entities from access to future modifications of items. We need to decide how we will deal with this, which has impacts across the way encryption and items are structured/linked/bucketed at lower levels in the stack.

codi0 commented 2 years ago

Are there any particular candidate protocols / implementations being looked at for encryption-based ACL? I'm thinking stuff like Peergos or WNFS.

If this has been addressed elsewhere, please point me in its direction. I'm trying to understand what cryptographic access control protocols exist, so I'm interested in where discussion has gotten on this one.

Identitywoman commented 2 years ago

@csuwildcat will reply

andorsk commented 1 year ago

@csuwildcat is this done? any references required to the spec itself. I know you guys have implemented encryption.

csuwildcat commented 1 year ago

Yes, this is done, but let's close this when the work is complete and the spec text reflects it.

andorsk commented 6 months ago

@csuwildcat who/when can we get this done? @thehenrytsai would you be able to help with this?

andorsk commented 6 months ago

@thehenrytsai will try to aim for next meeting.