Skip to content
Snippets Groups Projects
Select Git revision
  • workshop-poc default protected
  • streamchain-paper
  • fabric-release-1.4
3 results

streamchain

  • Clone with SSH
  • Clone with HTTPS
  • user avatar
    Alessandro Sorniotti authored
    This change set introduces a more flexible way of describing the identity
    associated to a policy. So far we had support for serializing the
    certificate associated to the identity. We introduce a new structure that
    supports that and 3 other ways of listing identities: i) the admin of an
    MSP, ii) the CA of an MSP and iii) a valid certificate for an MSP.
    
    Furthermore, policy evaluation is now performed using the MSP infrastructure:
    cauthdsl receives a policy principal and an Identity instance and then it can
    use the interfaces offered by the MSP to check whether the identity satisfies
    the principal and whether the signature verifies. The semantics of policy
    verification has somewhat changed: an identity (and its signature) can be used
    to satisfy only a single principal. This has the benefit of better dealing
    with the policy "two signatures from org0", but it has the downside that a
    single identity can no longer be used to satisfy two principals (e.g. if
    we need signatures from an identity with attribute A and one with attribute
    B, a single signature from an identity with both attributes would not be
    sufficient).
    
    Change-Id: Id18a5933e341781334080965b5d04dc07d4f1b99
    Signed-off-by: default avatarAlessandro Sorniotti <ale.linux@sopit.net>
    bf2fd1d6
    History
    Name Last commit Last update