If you are doing automatic connections to peers on a local network, you probably want to be using TLS these days.
Using TLS generally requires a CN to validate. But you can use self-signed certs and TOFU (Trust on First Use) in some cases
Doing that requires generating keys. And generating keys requires using something like openssl. And learning openssl is a pain in the ass.
So I made a helper to asynchronously generate a GTlsCertificate for use in your glib/gtk apps.
@hergertme typedef GTlsCertificate GLetsEncrypt perhaps?
Seriously, this is *very* cool. Thanks for tying up loose ends, as ever :)
@federicomena I rather like the SSH TOFU design for services on my local network. Is this you? Yes, move on.
@federicomena I think the pratical step as part of doing this well might be pairing code a'la bluetooth (maybe using real words though) on both sides.
Match? Good, great, grand.
@hergertme yes, that would be extra nice. For example, @juanlibres wanted something like that for the setup phase of his spirulina sensors. Get a sensor gadget - plug it to your home net - how do you pair it with the data collection server.
@federicomena @hergertme nice! I've been using CurveCP & NaCl, via curvemq.org, for point-to-point encryption, and https://github.com/zeromq/zyre for peer-to-peer auto-discovery. The rfc for zyre is a neat place for ideas, I'd say. https://rfc.zeromq.org/spec:36/ZRE/