Re: Major security hole in Hyperledger Fabric - Private Data is not private #fabric-chaincode #ssl #fabric #fabric-questions #fabric-dstorage
I think that there are factors that people tend to overlook and it leads to frustration and questions such as: "I can do X easily in my cloud environment, why is it so complex to do it in Fabric?"toggle quoted messageShow quoted text
From: "Brian Behlendorf" <bbehlendorf@...>
Date: 10/31/2019 09:19 PM
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Major security hole in Hyperledger Fabric - Private Data is not private #fabric #fabric-questions #fabric-dstorage #database #dstorage #dstorage-fabric #fabric-chaincode #ssl
Sent by: fabric@...
Would libp2p be helpful here? I had a conversation with someone about how other blockchain projects use it to abstract away some of the issues with using gossip for networking between nodes and how it simplifies the dev experience.
On 10/31/19 11:43 AM, Nye Liu wrote:
Yes, i have extensive hacks that do exactly that. It's a mess and illustrates exactly how badly some of k8s networking is "designed".
On 10/31/2019 11:38 AM, Alexandre Pauwels wrote:
On 10/31/2019 10:42 AM, Alexandre Pauwels wrote:
k8s is a disaster for p2p protocols, it is a very bad match. Great for monolithic microservice stacks, not much else.
On 10/31/2019 7:20 AM, email4tong@...wrote:
Hi Dave, Alexandre, Yacov, Ivan
I think private data’s p2p connection is a real problem (partially agree with Ivan).
In some commercial scenario, we need to open firewalls for every company connecting to each other, which is a disaster for project deployment.
And that is not the end of story. When a new company needs to join the existing fabric network, it needs to connect to each company. Again, we need to open firewalls, not only for the one newly joining, but also for those already joined. Hard to explain to everyone why a new company joining leads to such a tremendous configuration change. You don’t know how terrible it is you get challenged by IT departments of those companies ONE BY ONE, and you have no solution.
Do you have solution for such issue?
Thank you all