Skip to content

Migrate Minogrpc security mechanisms to Minows #302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pierluca opened this issue Apr 7, 2025 · 1 comment
Open

Migrate Minogrpc security mechanisms to Minows #302

pierluca opened this issue Apr 7, 2025 · 1 comment
Assignees
@jbsv

Comments

@pierluca
Copy link
Contributor

pierluca commented Apr 7, 2025

Context

Minows was developed by @XioZ and @ineiti as a more robust Mino implementation than MinoGRPC.

However, Minows currently lacks the security features needed to fully replace MinoGRPC, including a secure mechanism to connect nodes (the first time) based on secret tokens, and certificate-based node authentication.

Refer to the MinoGRPC server tests to see the expected functionality regarding joins, cert chains and tokens.

Outcomes

When this is implemented, minogrpc can be deprecated and replaced in all use cases.
We will then be able to close tickets #150, #170, #180, #218 and #220.
@ineiti
Copy link
Member

ineiti commented Apr 7, 2025

A more simple way to finalize this is to put a big warning on it:

Minows should only be used behind a TLS terminator like traefik

That would solve all these problems, but put the trust in the TLS terminator. And there you could either use your own certificates or use the global CAs...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jbsv jbsv

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ineiti @pierluca @jbsv