Skip to content
Snippets Groups Projects
Select Git revision
  • workshop-poc default protected
  • streamchain-paper
  • fabric-release-1.4
3 results

streamchain

  • Clone with SSH
  • Clone with HTTPS
    • user avatar
    Integration of MSP into cauthdsl
    Alessandro Sorniotti authored 
    This change set introduces a more flexible way of describing the identity
associated to a policy. So far we had support for serializing the
certificate associated to the identity. We introduce a new structure that
supports that and 3 other ways of listing identities: i) the admin of an
MSP, ii) the CA of an MSP and iii) a valid certificate for an MSP.

Furthermore, policy evaluation is now performed using the MSP infrastructure:
cauthdsl receives a policy principal and an Identity instance and then it can
use the interfaces offered by the MSP to check whether the identity satisfies
the principal and whether the signature verifies. The semantics of policy
verification has somewhat changed: an identity (and its signature) can be used
to satisfy only a single principal. This has the benefit of better dealing
with the policy "two signatures from org0", but it has the downside that a
single identity can no longer be used to satisfy two principals (e.g. if
we need signatures from an identity with attribute A and one with attribute
B, a single signature from an identity with both attributes would not be
sufficient).

Change-Id: Id18a5933e341781334080965b5d04dc07d4f1b99
Signed-off-by: default avatarAlessandro Sorniotti <ale.linux@sopit.net>
    bf2fd1d6
    History
    user avatar bf2fd1d6
    History
    Name Last commit Last update