Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Talk a bit about interop and namespacing #49

Merged
merged 2 commits into from
Jun 23, 2022
Merged

Talk a bit about interop and namespacing #49

merged 2 commits into from
Jun 23, 2022

Conversation

divarvel
Copy link
Collaborator

@divarvel divarvel commented Jun 23, 2022
edited
Loading

@divarvel divarvel merged commit 7fa34d7 into main Jun 23, 2022
@divarvel divarvel deleted the namespace-and-interop branch June 23, 2022 13:58
@apollo13
Copy link

This looks great, thank you! May I ask what "third party blocks" are?

@divarvel
Copy link
Collaborator Author

Third-party blocks are a development of the biscuit spec, not completely specified yet (even though there is a working implementation based on the haskell library): biscuit-auth/biscuit#103

In a nutshell, while regular biscuits are based on the premise that only the authority block can be trusted (because it's signed by a well-known key), third party blocks are extra blocks that are also signed by well-known keys (that can be different from the authority key). Through a datalog syntax extension, it becomes possible to say "consider only facts coming from blocks have valid signatures for this specific public keys". That provides cryptographic segregation between facts.

@divarvel
Copy link
Collaborator Author

I have written down two example use cases for third-party blocks: #47 and #48

If you are familiar with macaroons, third-party blocks are an extension of third-party caveats: they make it possible to have a macaroons that's only valid if a third party validates a specific claim it carries. Third party blocks extend that by not only enabling third party checks, but also letting third parties embed facts as well.

@apollo13
Copy link

apollo13 commented Jun 24, 2022 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Geal Geal Geal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@divarvel @apollo13 @Geal