Hi Victor, great you have put this here. I am having difficulties to start the app again… will try on. Meanwhile I wonder what PJ said about security issues, we need to look into. Do you remember or should we ask him? I think this was quite important? He gave an answer to his question himself but I did not take any notes at that point. ciao, Uwe
Yes it may be that PJ was asking about how do we make sure that people that are not “me” don’t get to install the application and get access to passwords.
I remember @artbrock (tagging for opportunities of correction here ) having a response to that where he talked about the Progenitor pattern. Which basically encoded the originator of the application as the node that gets to manage a whitelist of users that would like to install the DNA and connect to peers.
For a new device to install the DNA and communicate, a request would first have to be sent to the progenitor of the application (first node) which would be able to put into the whitelist of the application that this new node is “cleared” for communication. Any agent that is not on the whitelist would not be sent any gossip from any of the nodes of the application to ensure integrity.
A side application would be needed to handle the request of putting an agent on the whitelist.
This meta level application invitation/sharing thing is probably a pretty common need in a bunch of applications I guess. It feels to me like this would be a great thing to be integrating into some sort of Rolodex application which also just holds lists of all of your contacts and shows what applications they are using (at least the ones that they actively shared that they are using). I’d be curious to know if this is something that you’ve come across in many previous discussions @pauldaoust?
@ViktorZaunders I haven’t heard about anybody discussing a ‘rolodex’ app… but as for the pattern of the progenitor who whitelists other agents into the DNA, yeah, I think it’s going to be a very very important recurring pattern. So much so that I could see a drop-in zome for that very thing.
I think you’re right about needing a side application to handle whitelist requests — I’m picturing it as sort of a ‘lobby DHT’ where people join, ask who’s got the authority to let them into the protected DNA, and then ask those authorities for an invite code. That code would look like a signature chain with the progenitor’s signature at the root. (Or maybe just the hash of a signature entry on the DHT.) The newly invited agent would then join that new DHT, put the signature chain into their agent ID entry, and get authorised. Woohoo!
Some of my own thoughts on these threads, which I unpack in a rather disorganised fashion because I was still figuring it out at the time