Open nycnewman opened 3 years ago
This is not a Daml Engine thing. The engine is the interpreter, it never sees a TLS certificate or any network connection for that matter.
@mziolekda : you've recently worked on improving the logging of security events. This one seems to have slipped the net. Would be good to understand why, identify like log events that slipped, and get these all tested and fixed.
Whilst the Ledger API correctly handles certificates (expired, invalid, untrusted, etc), no logs are produced at INFO level for these actions, either for valid or failed authentication. These logs would normally be sent to a SIEM event logger for analysis and audit.