英文:
Can a Hyperledger Fabric identity be enrolled solely through the web?
问题
While it is possible to use Node.js 的 fabric-ca-client 通过 REST API 执行注册,这需要与第三方服务进行通信,这可能会危及安全性,因为最终用户的密钥必须共享。
是否有一种直接通过网络与 fabric 互动的方法,而无需使用 REST API 以确保安全性?尝试使用 browserify 和 webpack 来捆绑 fabric-ca-client 模块已经失败,因为必要的模块无法找到或不兼容。
在这种方法中是否有关键性的东西我遗漏了?对于其他语言或架构中客户端的安全注册应用程序有任何建议,比如 Android 应用程序,将不胜感激。
谢谢。
英文:
While it is possible to use Nodejs's fabric-ca-client to perform enrollment through a REST API, this requires communication with a third party service which could compromise security as the end user's secret must be shared.
Is there a way to interact with the fabric through the web directly, bypassing the need for a REST API to ensure security? Attempts at using browserify and webpack to bundle the fabric-ca-client module have been unsuccessful as the necessary modules cannot be found or are incompatible.
Is there something crucial that I am missing in this approach? Any recommendations for secure enrollment applications for the client in other languages or architectures, such as Android applications, would be greatly appreciated.
Thank you.
答案1
得分: 1
"fabric-ca server is not mandatory for a fabric network. You can use alternative CA services to issue private keys and certificates so long as you create the appropriate MSP definition for your organisation which could be one option for you.
fabric-ca server already supports REST style requests, all fabric-ca-client node.js module does is wrap those calls into an easy to use interface for node.js applications. It should be possible to write a mobile phone application or web based application to interact with directly with a fabric-ca-server. It may be that is how the fabric operations console in hyperledger-labs actually does it as it doesn't bundle fabric-ca-client but can still interact with fabric-ca-servers.
You will probably have to inspect the fabric-ca-client code or fabric-operations-console code to work out how it does this as the fabric-ca documentation doesn't appear to describe the interfaces to do this."
英文:
fabric-ca server is not mandatory for a fabric network. You can use alternative CA services to issue private keys and certificates so long as you create the appropriate MSP definition for your organisation which could be one option for you.
fabric-ca server already supports REST style requests, all fabric-ca-client node.js module does is wrap those calls into an easy to use interface for node.js applications. It should be possible to write a mobile phone application or web based application to interact with directly with a fabric-ca-server. It may be that is how the fabric operations console in hyperledger-labs actually does it as it doesn't bundle fabric-ca-client but can still interact with fabric-ca-servers.
You will probably have to inspect the fabric-ca-client code or fabric-operations-console code to work out how it does this as the fabric-ca documentation doesn't appear to describe the interfaces to do this.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论