Signstar design concepts - questions
Hi, reading through https://signstar.archlinux.page/architecture/design.html can someone explain how the SSS shares are distributed among holders? Do they physically meet for a beer and each takes out a printout from initial console setup? Could you perhaps pre-bake share holders' SSH keys into the image and do one share per key as they do first login? This way they could retrieve it remotely. My second question is if confidential compute was considered instead of dedicated physical hardware and OS? Could you replace the setup with a confidential VM that runs Signstar as a verifiable service?
Hi cen, Happy to hear folks dive deep in our docs! We're literally putting finishing touches on the Signstar RFC and I believe it would answer most of your questions (I'm taking notes about the beer though ;) ). So if you don't mind I'll ping you when it's published and then we can answer any outstanding questions. Thanks for your time and have a nice day! Kind regards, Wiktor
I stumbled upon this after listening to the talk by David Runge and it seems very well designed and thought out.
> So if you don't mind I'll ping you when it's published and then we can answer any outstanding questions.
I am definitely interested, please do. I have a similar signing problem to solve (although in a different area of IT) and this was the first thing that made sense after reading it.
Participants (2): cen, Wiktor Kwapisiewicz