AS: accessing configuration from verifiers #384
Comments
|
@thomas-fossati Currently, the address for For a long term design, I prefer to have a pure rust CCA verifier handler/implementation to replace veraison for CCA. Kevin (Hi @kevinzs2048 , hopefully I pinged the right person) could probably give more contexts. |
OK, thanks for confirming this is accidental and there is no design "barrier" to such an approach.
Yes, this is in progress. I have just started integrating Veraison's rust-ccatoken into Trustee. But we still want to allow both options (i.e., remote and embedded CCA verifiers), hence the question.
Yes, you did. Kevin and I are in the same team at Linaro :-) |
|
Yeah I think I would prefer configuration through the config file over an environment variable. |
I would like to use the AS configuration file to describe the parameters for my verifier.
Something like:
{ "//": "global AS config" "work_dir": "...", "//": "per-verifier stanzas" "verifiers": { "cca": { "veraison": { "endpoint": "https://veraison.example/challenge-response/v1/newSession", "api-token": "/path/to/api/token.jwt" "tls-config": { "ca-certs": "/path/to/ca.pem", "//": "etc." } } } } }At present, this is not supported. Is that a conscious design decision, or is it because no one had this need before?
A (less intrusive) alternative would be to have a separate configuration file and pass it to my verifier in an environment variable.
Would such an approach be preferable?
The text was updated successfully, but these errors were encountered: