Skip to content

A missing howto for practical usage of Admin API in Java to rotate party signing keys #938

Description

@tomastauber-da

Path: /appdev/deep-dives/external-signing-topology

Currently, the tutorial mentions:

This tutorial is for demo purposes. The code snippets should not be used directly in a production environment.

It doesn't show how party signing keys can be rotated, besides mentioning:

The serial is a monotonically increasing number, starting from 1. Each transaction creating, replacing, or deleting a unique topology mapping must specify a serial incrementing the serial of the previous accepted transaction for that mapping by 1. Uniqueness is defined differently for each mapping. Refer to the protobuf definition of the mapping for details. This mechanism ensures that concurrent topology transactions updating the same mapping do not accidentally overwrite each other. To obtain the serial of an existing transaction, use the TopologyManagerReadService to list relevant mappings and obtain their current serial.
In this tutorial, it is assumed that the NamespaceDelegation created is new, in particular there is no pre-existing root namespace delegation with the key created in step 1. The serial is therefore set to 1.

It'd be good to have a practical step-by-step documentation for rotating party signing keys using Admin API in Java.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions