Update default auth_rules to reflect deprecation of ATTRIB #1735
Comments
|
To be a little clearer, when |
|
Is there a link to some documentation for those interested in the decision driving this change and the recommended migration/alternative? |
|
This is driven by the use of the did:indy DID method -- https://hyperledger.github.io/indy-did-method/ A PR is being added to that about deprecation - we have a DCO issue on that. Basically - there is only one convention that uses ATTRIB -- |
|
As @swcurran, states, this will be cleaner once |
As a message to those creating new networks that the ATTRIB functionality is being removed from indy-node I suggest that we change the default auth_rules table to mark ATTRIB transactions as FORBIDDEN.
Currently the default auth_rules give some permissions to those that would like to perform ATTRIB transactions. Changing it to FORBIDDEN would make it so that, by default, a user would no longer be able to perform an ATTRIB transaction, thus demonstrating that ATTRIB has been deprecated. The setting of FORBIDDEN can easily be reverted to the previous default value, if desired, so that a new network can still allow ATTRIB transactions as needed for backward compatibility. (I tested changing a value that defaults to FORBIDDEN to a different value and then back and all worked well).
Again, this suggestion is only to change the default value of ATTRIB transactions in the auth_rule table. This will not affect upgrading existing networks, nor will it change anything except the default value (which is still alterable, if desired).
The text was updated successfully, but these errors were encountered: