ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-01-18 18:56:28 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Fix permissioning doc (#2755) (#2756)

Browse Source 
(cherry picked from commit 4e5df2f)
This commit is contained in:
Shams Asari 2018-03-07 14:25:27 +00:00 committed by Katelyn Baker
parent 0d4e99d4f1
commit 9fd93fc038
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/source/permissioning.rst
View File

@ -78,16 +78,16 @@ public/private keypairs and certificates. The keypairs and certificates should o
Certificate role extension
--------------------------
Corda certificates have a custom X.509 v3 extension that specifies the role the certificate relates to. This extension
has the OID 1.3.6.1.4.1.50530.1.1 and is non-critical, so implementations outside of Corda nodes can safely ignore it.
has the OID ``1.3.6.1.4.1.50530.1.1`` and is non-critical, so implementations outside of Corda nodes can safely ignore it.
The extension contains a single ASN.1 integer identifying the identity type the certificate is for:
1. Doorman
2. Network map
3. Service identity (such as a notary or oracle)
3. Node certificate authority (from which the TLS and well-known identity certificates are issued)
4. Transport layer security
5. Well-known legal identity
6. Confidential legal identity
3. Service identity (currently only used as the shared identity in distributed notaries)
4. Node certificate authority (from which the TLS and well-known identity certificates are issued)
5. Transport layer security
6. Well-known legal identity
7. Confidential legal identity
In a typical installation, node administrators needn't be aware of these. However, when node certificates are managed
by external tools (such as an existing PKI solution deployed within an organisation), it is important to understand