Further work on whitelisting attachments by public key

Description

The PR that describes the current design of whitelisting attachments by public keys, and the proposed changes for Corda 5, can be found here: https://github.com/corda/enterprise/pull/2191.

A summary of the proposed changes:

  • Update the logic that establishes what attachments are trusted to remove the distinction between contract and non-contract attachments.

  • Ensure that no "chains of trust" can be established, i.e. only those attachments uploaded by a trusted installer can be used to check if a new attachment should be trusted (this should already be the case, so may just need a little testing)

  • Add some tooling to allow the operator to view precisely what attachments are trusted (further described in the PR, under "Second Phase Design"

Assignee

Dan Newton

Reporter

Shams Asari

Labels

Sprint

None

Epic Link

None

Priority

Highest

Engineering Teams

None

Fix versions

Affects versions

None

Ported to...

Corda 4.3
Corda Enterprise 4.3

Story Points / Dev Days

5

Build cut

None
Configure