Https backend

Currently, I’m working on the backend, which will mainly register user by signing their certificates.

Technologies

I work with Flask because everybody in our group know Python and they will be able to understand and review my code !

I chose MongoDB because our db has no relation, it just stores usernames, public keys, and ids.

I work with the cryptography python package, it uses openssl and I found it to be really great (I tried pyOpenSSL, and pycrypto before).

Certificate format

I decided to use x509 certificates because they have already everything we need in them, and they give different serialisation options.

Advancement

My server can already generate and sign a certificate based on the username and the public key given in a http post, but it’s still far from being ready.

I still need to work on:

• Write the API documentation
• Write more tests
• Find the best way to handle CA private key storage
• Handle User ids
• Deployment, we will use Heroku for development (of course if there is a real production one day, we will not use it)
• Get a https certificate (Let’s encrypt !)

We will maybe create a github mirror so everyone will be able to see and try our code !