How to avoid the Fabric CA being a single point of failure?


Problem description

if I understood correctly, every peer in a fabric blockchain network (somehow interconnected through gossip) will only accept incoming connections from other peers if they use a HTTPS connection with a public key signed by the Fabric CA.

Is that correct?

So in my understanding, the Root-CA becomes the single point of failure because one could modify it and from then on modified Root-CA certificates will propagate to the nodes and eventually no node can connect to each other anymore.

Is this correct?

Recommended answer

Let me try to answer the two questions also, perhaps a little more directly.

QUESTION1: if I understood correctly, every peer in a fabric blockchain network (somehow interconnected through gossip) will only accept incoming connections from other peers if they use a HTTPS connection with a public key signed by the Fabric CA. Is that correct?

ANSWER1: No, this is not correct. You said "the Fabric CA", but each fabric blockchain network has multiple trusted CAs where each may be a Fabric CA or another CA or a combination. There is no single trusted CA root in this model. Also, the connections from peers are over GRPC rather than HTTPS.

QUESTION2: So in my understanding, the Root-CA becomes the single point of failure because one could modify it and from then on modified Root-CA certificates will propagate to the nodes and eventually no node can connect to each other anymore. Is this correct?

ANSWER2: No, this is not correct. There is no SPoF (Single Point of Failure) because:

a) a single Fabric CA can run in a cluster;
b) there are multiple Fabric CA clusters (or other CAs) in a blockchain network;
c) the peers and orderers do not connect directly to a CA. They operate off of crypto material that is locally available from the file system or its copy of the ledger.

There is also no SPoT (Single Point of Trust) because:

a) there are multiple root CAs without a common root key, and
b) configuration updates which affect who trusts whom may require signatures from multiple identities from different roots of trust. For example, changing a trust policy could require a signature from an administrator from every organization in the blockchain (or, in Hyperledger terminology, in the channel).
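The multi-root trust model described in the answer can be seen in a channel definition. The following is an added illustration, not a fragment from the original post or from the Fabric project itself: a constructed `configtx.yaml` excerpt in which each organization brings its own MSP (and therefore its own root CA certificates), and the Application-level `Admins` policy is an `ImplicitMeta` `MAJORITY` rule, so a config update that changes any organization's MSP (for example, its root CA certs) needs admin signatures from a majority of the organizations rather than from any single one. The organization names, MSP IDs and directory paths are assumptions for the example.

```yaml
# Constructed example: two organizations, each with its own MSP directory.
# Each MSPDir holds that org's own cacerts/ and tlscacerts/; there is no
# shared root key between Org1MSP and Org2MSP.
Organizations:
  - &Org1
    Name: Org1MSP
    ID: Org1MSP
    MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
      Writers:
        Type: Signature
        Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
      Admins:
        Type: Signature
        Rule: "OR('Org1MSP.admin')"

  - &Org2
    Name: Org2MSP
    ID: Org2MSP
    MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
      Writers:
        Type: Signature
        Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
      Admins:
        Type: Signature
        Rule: "OR('Org2MSP.admin')"

Application: &ApplicationDefaults
  Organizations:
    - *Org1
    - *Org2
  Policies:
    Readers:
      Type: ImplicitMeta
      Rule: "ANY Readers"
    Writers:
      Type: ImplicitMeta
      Rule: "ANY Writers"
    # Updates to the Application group (which contains every org's MSP
    # definition, i.e. its root CA certs) must satisfy this policy.
    # "MAJORITY Admins" means a majority of the member orgs' Admins
    # sub-policies must be satisfied; with two orgs, both must sign.
    # A weaker "ANY Admins" here would let one org's admin alone
    # rewrite who the channel trusts.
    Admins:
      Type: ImplicitMeta
      Rule: "MAJORITY Admins"
```

With this policy a compromised or altered single CA cannot on its own push a new set of root certificates into the channel configuration; the change is rejected unless the other organizations' admins also sign it.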
