js-libp2p
crypto channel: TLS 1.3
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
Currently go-libp2p implements secio, an in-house baked crypto channel library. However, IPFS will be moving to TLS eventually, which means that libp2p must offer it as a crypto channel upgrade to a connection.
Our current endeavour is to have a TLS library that is compatible and exposes a connection interface, so that we can upgrade any connection to another peer on demand. forge is a full JavaScript implementation of TLS made by the folks at Digital Bazaar.
How does this look? https://github.com/mkg20001/libp2p-tls I had to add some "magic" to make the peers determine which peer is going to be the tls-server/client randomly. Currently it's using the Node.js native "tls" module, which is OpenSSL based. Browser support using forge is planned.
@mkg20001 I think that is probably TLS 1.2. I believe the goal of moving to TLS was only to do so with 1.3.
@dignifiedquire https://github.com/ipfs/specs/issues/29#issuecomment-239906315 Here it says both will get implemented.
Btw, the "magic" thing is just a 7/8 bytes protocol buffers packet with a random integer (the peer which randomly chooses the highest number is determined to be the server).
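The role selection described in the comment above, as an added example that is not part of the thread or of libp2p-tls: each peer picks a random integer and the peer with the higher one becomes the TLS server. The number range, the re-roll on a tie and all function names are assumptions, and the protocol buffers framing is omitted.

```javascript
// Added example: TLS role selection by random-number comparison.
const { randomInt } = require('node:crypto');

const MAX_NONCE = 2 ** 32; // assumed range; the thread does not state one

// Decide this peer's role from its own number and the remote peer's number.
// Both peers run this with the arguments swapped and must reach opposite
// answers, so a tie cannot be settled locally and forces another round
// (the re-roll is an assumption; the thread does not say how ties are handled).
function decideRole(localNonce, remoteNonce) {
  if (localNonce === remoteNonce) return 'retry';
  return localNonce > remoteNonce ? 'server' : 'client';
}

// Simulate both peers. pickA/pickB return each peer's number for a round;
// they are injectable so the tie case can be exercised deterministically.
function negotiate(pickA = () => randomInt(MAX_NONCE),
                   pickB = () => randomInt(MAX_NONCE),
                   maxRounds = 8) {
  for (let round = 1; round <= maxRounds; round++) {
    const a = pickA(round);
    const b = pickB(round);
    // On a real connection, a and b would be sent to the other side here.
    const roleA = decideRole(a, b);
    const roleB = decideRole(b, a);
    if (roleA !== 'retry') return { roleA, roleB, rounds: round };
  }
  // Bound the loop so a peer that always mirrors our number cannot stall us.
  throw new Error('role negotiation did not converge');
}

// Constructed run: round 1 ties on purpose, round 2 resolves.
const demo = negotiate(r => (r === 1 ? 7 : 3), r => (r === 1 ? 7 : 9));
console.log(demo); // { roleA: 'client', roleB: 'server', rounds: 2 }
```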
@mkg20001 thanks, I didn't remember that, and cool that you are implementing it :)
@mafintosh I believe you mentioned you had an implementation of TLS 1.3, did I get that right?
ipns://blog.ipfs.io/2020-08-07-deprecating-secio/
Just released more relevant info regarding TLS 1.3 support.
Superseded by https://github.com/chainsafe/js-libp2p-noise