nuts-foundation / nuts-discovery

Discovery service by the Nuts foundation for bootstrapping the network
GNU General Public License v3.0

Support out-of-band CSR matching #51

Open · woutslakhorst opened this issue 4 years ago

woutslakhorst commented 4 years ago

When CSRs are submitted, the network authority needs to verify the source. This can be done by returning a unique identifier when the CSR is submitted. This identifier can then be communicated out-of-band to the authority administrator. The administrator will use the identifier to sign the correct CSR.

woutslakhorst commented 4 years ago

This means a public API would be exposed to accept CSRs for production... That could result in a spammed inbox.

reinkrul commented 4 years ago

Alternatively, we could protect the API for submitting CSRs with a token that is handed out (out-of-band) to the vendor contact (person). They can use that token (like a coin for a bumper car) to submit the CSR.
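The two mechanisms proposed above (a unique identifier returned on submission that the administrator matches out-of-band, and a single-use submission token handed out-of-band to the vendor contact) can be combined in one small service. The following Go program is an added illustration, not code from nuts-discovery: the `Registry`, `Submit` and `Approve` names are hypothetical, the identifier is a SHA-256 fingerprint over the DER-encoded CSR, and the token is consumed on first use so a leaked token cannot be replayed to flood the pending queue. The CSR is validated (PEM type, parseable, proof-of-possession signature) before anything is stored, so malformed or forged submissions never reach the administrator.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"encoding/pem"
	"errors"
	"fmt"
	"sync"
)

// PendingCSR is a submitted request waiting for out-of-band confirmation.
type PendingCSR struct {
	ID       string // hex SHA-256 over the DER CSR; this is the value communicated out-of-band
	Subject  string // subject DN as presented in the CSR, for the administrator to check
	Approved bool
	der      []byte
}

// Registry is a hypothetical in-memory server-side store (not nuts-discovery code).
type Registry struct {
	mu      sync.Mutex
	tokens  map[string]bool        // single-use submission tokens handed out out-of-band
	pending map[string]*PendingCSR // keyed by fingerprint identifier
}

// NewRegistry creates a registry that accepts the given one-time tokens.
func NewRegistry(tokens ...string) *Registry {
	r := &Registry{tokens: map[string]bool{}, pending: map[string]*PendingCSR{}}
	for _, t := range tokens {
		r.tokens[t] = true
	}
	return r
}

// Submit checks the token and the CSR, stores the CSR and returns its identifier.
func (r *Registry) Submit(token string, csrPEM []byte) (string, error) {
	r.mu.Lock()
	defer r.mu.Unlock()
	if !r.tokens[token] {
		return "", errors.New("unknown or already used submission token")
	}
	block, _ := pem.Decode(csrPEM)
	if block == nil || block.Type != "CERTIFICATE REQUEST" {
		return "", errors.New("input is not a PEM-encoded certificate request")
	}
	csr, err := x509.ParseCertificateRequest(block.Bytes)
	if err != nil {
		return "", fmt.Errorf("parsing CSR: %w", err)
	}
	// Proof of possession: the CSR must be signed by the key it asks to certify.
	if err := csr.CheckSignature(); err != nil {
		return "", fmt.Errorf("CSR signature check failed: %w", err)
	}
	delete(r.tokens, token) // consume the "coin" only after the CSR passed validation
	sum := sha256.Sum256(block.Bytes)
	id := hex.EncodeToString(sum[:])
	r.pending[id] = &PendingCSR{ID: id, Subject: csr.Subject.String(), der: block.Bytes}
	return id, nil
}

// Approve is the administrator's side: after comparing the identifier received
// out-of-band with the pending list, the matching CSR is released for signing.
func (r *Registry) Approve(id string) (*PendingCSR, error) {
	r.mu.Lock()
	defer r.mu.Unlock()
	p, ok := r.pending[id]
	if !ok {
		return nil, errors.New("no pending CSR with that identifier")
	}
	if p.Approved {
		return nil, errors.New("CSR already approved")
	}
	p.Approved = true
	return p, nil
}

// NewTestCSR builds a PEM CSR for a constructed subject; sample input for the demo only.
func NewTestCSR(cn string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: der}), nil
}

func main() {
	reg := NewRegistry("coin-for-vendor-a") // token value is a constructed placeholder
	csrPEM, _ := NewTestCSR("vendor-a.example")
	id, err := reg.Submit("coin-for-vendor-a", csrPEM)
	fmt.Println("identifier to confirm out-of-band:", id, "err:", err)
	p, err := reg.Approve(id)
	fmt.Println("approved subject:", p.Subject, "err:", err)
}
```

The fingerprint doubles as a tamper check: if the CSR the administrator ends up signing differs in a single byte from the one submitted, its identifier no longer matches what was confirmed out-of-band.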

woutslakhorst commented 4 years ago

Or just hand over the CSR out-of-band.

reinkrul commented 4 years ago

> Or just hand over the CSR out-of-band.

That would be an even easier solution... However, I think for test networks and certificate renewals, you'd want the Nuts node to be able to submit the CSR and receive the certificate. But maybe we should break that apart:

Conclusion: out-of-band is the simplest solution for now, as long as it can be automated for test networks?

woutslakhorst commented 4 years ago

The discovery service supports an auto-ack feature.