CCF icon indicating copy to clipboard operation
CCF copied to clipboard
verified publisher icon microsoft

Investigate governance sample and documentation showing member joining driven by endorsement

Open achamayou opened this issue 3 years ago • 1 comments

For CCF deployments such as ACL, the service often controls a governor node which has the authority to add and remove nodes from a network.

It would be useful for users of a hosted CCF network to provision their own governors of the network which needs to be robust in the event of disaster recovery.

Allowing users to assign governors must be done in a way which is still trustable, so there must be some external trusted authority who can endorse new governors. There are two possible way we can do this:

  1. A proposal to assign a governor must be signed by a trusted authority, this can be specified in a networks constitution and is therefore the simpler solution to implement.
  2. New governors propose themselves to the network, and they must provide an x509 certificate which has been signed by the trusted authority which members can then inspect and agree on

achamayou avatar Sep 20 '22 15:09 achamayou

From the meeting with Pallab: We are happy to have a new type of member (trusted authority) who can provision new governors by signing the proposal.

How to we maintain TA key? (Same as current, they hand over to a new key via a proposal) What is TA key is leaked? (Can only DOS a network, not compromise it, loss is more of a risk which can be defended against with multiple TAs)

DomAyre avatar Oct 10 '22 17:10 DomAyre

#4343

achamayou avatar Oct 20 '22 22:10 achamayou