Recently I’ve started a project where the use case goes as the following:
Alice wants to download a file from Bob (could be an organization). Bob is running a web server what is mainly always online. Alice is not but when she goes online she will immediately download the file from Bob’s web server. Likewise to the file on Bob’s web server, Alice has many other web servers to go to and download files.
To establish this connection between Alice and Bob I thought it would be a good idea to set up a central point of communication for both of them. A web server where Bob can inform Alice what files she still needs to download, very similar to a download queue.
So why do I think I need CFSSL?
Well that’s very simple Bob needs to be sure that only Alice downloads the files what he shares on his web server. Of course Alice wouldn’t be very happy if she wanted to download a file from Bob but instead downloaded it from someone else, but it’s not as important as it’s for Bob to be sure that only Alice downloads the file.
If I really need it, then I’m extremely curious about how I should implement this.
Who will become the party to obtain certificates?
How often do I need to create certificates, will it be per file/user/organization?
Will there still be information public, if so what and where?
The connection could be peer to peer at some point, but to establish a connection between Alice and Bob, to help Alice get to know the “address” of Bob. There needs to be a central server, what helps Alice find Bob’s address. This central server could be a web server, a Cloudflare proxy or something else I don’t know.