Reputation: 109
Hyperledger Fabric CA Server: single point of administration
I am a bit confused about the consensus-based network administration.
In my understanding of hyperledger fabric, the CA server is a single point of administration. Even though it is possible to create organization-specific CA servers, there should be one main CA to verify the chain of trust.
For example, the one who administers the CA server can create the required number of identities to break the consensus.
Please clarify if I am wrong.
Thanks & Regards, Akhil KM
Upvotes: 1
Views: 73
Answers (1)
Reputation: 4133
@Akhil KM
CA server is not a complete administration in the fabric network
it is just giving certificates and the MSP is the complete administration and that to not to the whole consortium. Each entity can have different MSP means different CA's can issue certificates. One org can have more than one CA
CA in the fabric is exactly equivalent to normal CA in current all public-key cryptography like how browsers show us secure https by trusting the certificate
In fabric or in website world CA will never become an administrator. CA will have an administrator (To operate CA :) )
Upvotes: 1
Related Questions
- Fabric CA Server DB in the Client
- Shared infrastructure in Hyperledger Fabric
- can we setup one CA for multiple organization through fabric?
- Hyperledger Fabric: CA Server and Client on different machines or the same?
- Having the same root ca for multiple organizations in Hyperledger Fabric network
- Hyperledger Fabric - How CA works
- How to build intermediate CA server detailly using fabric ca?
- Single organization Hyperledger fabric n/w
- How to implement Fabric-CA or third party CA in hyperledger fabric
- Hyperledger Fabric 1.0 CA in different hosts