Context
In #10521 we've introduced opt-in `AutoTLS` feature which uses DNS and p2p-forge infrastructure run by Interplanetary Shipyard to automate TLS setup for libp2p WebSocket transport.
This feature will not yield the maximum benefit to the swarm unless it is enabled by default, just like `/webtransport` and `/webrtc-direct` listeners are.
This issue tracks remaining work towards enabling AutoTLS by default.
TODO
- feat(AutoTLS): opt-in WSS certs from p2p-forge at libp2p.direct #10521 (landed in kubo 0.32.0-rc1)
- `libp2p.direct` public good infra accepts registrations
- fix(autotls): store certificates at the location from the repo path #10566
- disable `AutoTLS` in `test` profile
- feat(libp2p): shared TCP listeners and AutoTLS.AutoWSS #10565
  - `AutoTLS.AutoWSS` flag that adds catch-all listener `/tcp/400X/tls/sni/*.libp2p.direct/ws` if `Addresses.*` (swarm, announce, appendAnnounce) have no `/tls/sni` or `/wss` ()
  - `/ws` listener can share the same port as `/tcp` (4001)
- AutoTLS: attempts to get cert when not publicly diallable #10570
  - wait for libp2p reachability to be Public: fix(client): wait for public reachability before registering ipshipyard/p2p-forge#4
  - do not attempt getting cert if we depend on `/p2p-circuit` addrs
  - do not attempt getting cert if the only "public addr" is ipv6 blocked by firewall: libp2p connectivity check false positive with ipv6? ipshipyard/p2p-forge#7
- Decide if `AutoTLS.Enabled` for every publicly diallable node, or if there should be extra test/steps
  - we want to avoid noise due to CI and testing nodes (maybe `AutoTLS.Enabled=false` in test profile is enough?)
- Agree if we use `/ipX` or `/dnsX` (feat: add dns addr to addrsfactory ipshipyard/p2p-forge#34 (comment))
- Kubo itself needs some sort of smoke-test E2E `test/cli` that gets cert from localhost `AutoTLS.CAEndpoint` and confirms it is placed in `IPFS_PATH/p2p-forge-certs/certificates/`
- `libp2p.direct` productization by Shipyard is finished
- docs(websockets): include explicit /sni/ example libp2p/specs#639
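
One reading of the `AutoTLS.AutoWSS` rule from the TODO list above, as an added Go example that is not Kubo's code: it lists the catch-all listeners the flag would add for a given set of configured addresses, which is useful when auditing what a node will expose. The `Addresses` struct and function names are hypothetical, and treating `400X` as "the port of each plain `/ip4|ip6/.../tcp/<port>` entry in the swarm list" is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// Addresses is a hypothetical stand-in for the config lists the issue names.
type Addresses struct{ Swarm, Announce, AppendAnnounce []string }

// Catch-all suffix quoted in the issue.
const forgeSuffix = "/tls/sni/*.libp2p.direct/ws"

// components splits a multiaddr string into its slash-separated parts.
func components(addr string) []string {
	return strings.Split(strings.Trim(addr, "/"), "/")
}

// hasExplicitTLS reports whether a multiaddr already carries /tls/sni or /wss.
func hasExplicitTLS(addr string) bool {
	parts := components(addr)
	for i, p := range parts {
		if p == "wss" || (p == "tls" && i+1 < len(parts) && parts[i+1] == "sni") {
			return true
		}
	}
	return false
}

// AutoWSSListeners returns the catch-all listeners implied by the rule, or nil
// when any configured address shows secure WebSockets were set up by hand.
func AutoWSSListeners(a Addresses) []string {
	for _, list := range [][]string{a.Swarm, a.Announce, a.AppendAnnounce} {
		for _, addr := range list {
			if hasExplicitTLS(addr) {
				return nil
			}
		}
	}
	var out []string
	for _, addr := range a.Swarm {
		p := components(addr)
		// Assumption: only plain /ip4|ip6/<host>/tcp/<port> listeners share their port.
		if len(p) == 4 && (p[0] == "ip4" || p[0] == "ip6") && p[2] == "tcp" {
			out = append(out, "/"+strings.Join(p, "/")+forgeSuffix)
		}
	}
	return out
}
func main() { // constructed sample config values
	a := Addresses{Swarm: []string{"/ip4/0.0.0.0/tcp/4001", "/ip4/0.0.0.0/udp/4001/quic-v1"}}
	fmt.Println(AutoWSSListeners(a))
}
```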