Authentication/Authorization/Encryption #11

@founderio

AFAIK, the Wyoming protocol currently does not encrypt traffic, nor does it confirm the authenticity of any connected peer, nor does it have any authorization controls.

For the privacy-minded, which this project caters to, there should be some way to secure communication between Wyoming nodes.

I think this is a good starting point for discussion:

  • Encryption. Given that many installs are likely in local environments, without proper SSL certificates set up (which is another issue, but another story), an automatic key exchange is probably favorable.
  • Authentication. See above - could work hand-in-hand.
  • Authorization. Control which node (since we now know who we are talking to) can control which features.
    There should be a minimum separation between privacy-related and non-privacy-related activities.
    e.g.: Streaming audio in either direction, privacy-related. Deciding if streamed audio is a wakeword: Likely not as important.

See also a related discussion here: rhasspy/wyoming-satellite#144 (comment)

Keep in mind that I am no security expert, so take the ideas above with a grain of salt.
