Saturday, March 16, 2019

Peer-to-Peer TLS certificate verification

I am working on a peer-to-peer networking application. Each node in the network can both receive and transmit data to other nodes in the network. The data being sent through the network is sensitive, so we are using SSL encryption on both ends.

Usually, a trusted Certificate Authority would issue a digital certificate to a web server. This certificate verifies the identity of the web server and its public key. In our case, however, there is no centralized web server. Each node in the network would need to have its own self-signed digital certificate and public/private keys. Each one of those self-signed digital certificates should be trusted amongst all the users.

How would we go about trusting those self-signed certificates with as little user impact as possible? (Preferably, all work should be done automatically in our application and shouldn't require any manual installation/trusting of digital certificates).


