search

bcgov / DITP-DevOps

Digital Identity and Trust Program Team's DevOps Documentation Repository
Apache License 2.0
2 stars 6 forks source link

Remove TAA/AMl from CANdy ledgers #161

Closed esune closed 8 months ago

esune commented 9 months ago

The CANdy ledgers have been set-up to require acceptance of TAA/AML upon first acces by a new author, however this step is not really necessary as there is/will be more governance around the CANdy endorsers aimed at enforcing requirements for write transactions.

The ledgers to audit and to have TAA/AMl disabled on are:

WadeBarnes commented 8 months ago

Disabling the TAA(s) is done using the ledger disable-all-txn-author-agreements command. The resulting txn will require 2 Trustee signatures for the CANdy networks.

The documentation for the command does not indicate it accepts the sign=false parameter, even though it does. This allows the txn to be pre-generated and distributed to the Trustees to sign using the Endorser Tool.

The TAAs are disabled immediately following the txn write. The AML remains on the ledger and can safely be ignored. There is no way to disable/remove the AML.

WadeBarnes commented 8 months ago

Transactions have been authored and entered into the CANdy-Test - Ledger Transactions to Execute and CANdy-Prod - Ledger Transactions to Execute google sheets and the Trustees of the various ledgers have been notified signatures are required.

cvarjao commented 8 months ago

I've added my signature/approval to the transaction for CANDY-Prod

CharlesMacpherson commented 8 months ago

I've added my signature/approval to the transaction for CANDY-Prod

swcurran commented 8 months ago

I've added my signature to the CANdy-Test transaction.

WadeBarnes commented 8 months ago

The transactions have been executed. The TAAs on CANdy-Test and CANdy-Prod have been deactivated.