Anyway; I run this to initialise an IPFs repository:
ipfs init initializing ipfs node at /Users/auser/.ipfs generating 2048-bit RSA keypair...done peer identity: Qmcpo2iLBikrdf1d6QU6vXuNb6P7hwrbNPW9kLAH8eG67z
The IPFS architecture specs (https://github.com/ipfs/specs/tree/master/architecture), state this:
The IPFS network uses PKI-based identity. An "ipfs node" is a program that can find, publish, and replicate merkledag objects. Its identity is defined by a private key. Specifically: privateKey, publicKey := keygen() nodeID := multihash(publicKey)
So is this ‘PKI-based identity’ a self-signed certificate using the RSA keypair? How is that 2048-bit RSA keypair generated? Is there some default/automated passphrase or some such used? Forgive me if it’s obvious, but I’d really appreciate a thorough explanation.
Copied from original issue: https://github.com/ipfs/faq/issues/238