CCF
CCF copied to clipboard
microsoft
Confidential Consortium Framework
Tracking CCF performance on main, meant to stay open permanently for discussion, explanation of improvements/regression that isn't specific to a single PR etc. To discuss improving the monitoring implementation itself,...
Contributes to https://github.com/microsoft/CCF/issues/4068 Key Decisions: - We perform a runtime check in virtual builds in PAL to see if we support SEV-SNP - We strictly don't allow any kind of...
The new [JS governance](https://github.com/microsoft/CCF/blob/main/src/runtime_config/default/actions.js) makes use of some new native functions exposed in the `ccf` global that are only available in the constitution, not in app endpoints: - `ccf.network.getLatestLedgerSecretSeqno` -...
Currently, CCF only accepts JWKS documents where each key has an `x5c` field. While this is the case for Microsoft, it is not required by the [spec](https://openid.net/specs/openid-connect-discovery-1_0.html): > The JWK...
Part of #3692. The current tests include truncation and removal of ledger files. I have a test that corrupts ledger files, but this fails unexpectedly - I'll investigate that separately....
This took a bit more moving of structs than I hoped, but I think this is the right way to expose the node config to applications.
This adds support for custom ACME challenge handlers, which is required as there is no standardized interface for installing challenge responses, e.g. for dns-01 challenges. Most of this is straightforward,...
Currently, only `RS256` is supported. `ES256` is ECDSA with SHA-256 and is the other commonly used JWT signing algorithm.