Try   HackMD

IPFS / IPLD Security & Encryption Workshop

January 13th, 16:00-18:00 UTC
https://app.veertly.com/v/ipfs-ipld-security-encryption-workshop

Please remember to record and publish for the community

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

Recordings:
Lightning Talks: https://embed.voodfy.com/60022b90fff4f56e99cb3197
Discussion: https://embed.voodfy.com/5fff4580fff4f51ab36a3917

Existing mechanisms, requirements, & systems

5 minute lightning talks

  • @willscott - Current content & metadata leaks
  • @obo20 (Matt Ober) - Generic per CID permissioning
  • @sanderpick (Sander Pick) - Bucket encryption and shortcomings
  • @ianopolous (Ian Preston) - Cryptree - filesystem level access control and metadata privacy
  • @expede (Brooklyn Zelenka) — UCAN & WNFS
  • @oed (Joel Thorstensson) - DAG-JOSE - Signed / Encrypted IPLD
  • @JonasKruckenberg - Advantages and Disadvantages of DAG-COSE
  • @Artazor (Anatoly Ressin) - Presenting DAG-ONION-COSE
  • Add your handle here to claim a slot

Additional attendees

  • @carsonfarmer (Carson Farmer) - Can speak about Textile encryption needs as required
  • @gpestana (Gonçalo Pestana)
  • @cheelahim (Vsevolods Mihailovs)
  • @jacobheun (Jacob Heun)

Optional talks if requested

  • @ianopolous - post-quantum privacy: simple guidelines for the IPFS setting (what to use and what to avoid)

Will Scott
relevant to ipld encryption of a dag o flinked objects:
https://github.com/ipld/specs/pull/348

Mikeal Rogers
inline with anatoli is saying, in IPLD we’re defining an AES encrypted block in order to standardize this very low layer without tackling key management and leaving this all to the application layer
https://github.com/ipld/specs/pull/349

https://github.com/multiformats/js-multiformats/pull/59

Carson Farmer
I'm also a huge fan of the blockstore level access control, as Ian mentioned: for its flexibility.
there are plenty of interesting patterns to explore here. and I can see how ucans or some other way to encode capability-based permissioning could be done

Anatoly Ressin
My slides
https://notability.com/n/2ehUjccvd6qcy7HqAluE2F

Brooklyn Zelenka
Love those hand drawn notes, Anatoly! Here's my slides:
https://noti.st/expede/jwArdU/ipfs-security-wg-wnfs-prior-art

Ian Preston
I posted my slides earlier, but here they are again:
https://beta.peergos.net/#{"secretLink":true%2C"link":"#6MDZhRRPT4ugkJuUfceM6bPnpQKEj5dB2NqLxD1RxFn3oA3CusXayN8RReauEh/6MDZhRRPT4ugkJuUfcRzRbPpFimcBNJx2N9TJDnL4W3ETYhwdsWdvgCkXkwipF/HF3S4ErBvDjYH6XVALNVj4pVhX5qBWAt3epvPa3n9XeT/5Pf7SvjSSmhnUes8qE3jdh4Qmok2ZVC1rmVzwKV113bzfvs6JGb"}

Sander Pick
Here are the bullets I covered:
https://www.notion.so/textile/Encrypted-private-Buckets-9f7b1e4300b045fa96a0ddc49d69d15f

Jonas Kruckenberg
also this all propably ties in with composability of the core api as discussed over at
https://github.com/ipfs/roadmap/issues/62