Bug #3939
closedKepler Unique LSID Namespace generation
0%
Description
The Kepler installer should generate a public/private key pair upon installation. The private key is then used to digitally sign generated KARs from that particular Kepler instance. The public key is included inside the KAR as a separate KAREntry. This public key along with the locally generated LSID will provide for determining the uniqueness of KARs regardless of internet connectivity.
Files
Updated by Aaron Aaron about 15 years ago
The following requirements have been implemented:
-----------------------
A Kepler instance always has a unique authority/namespace.
Ship Kepler with a list of valid authorities for providing unique namespaces.
During installation of a Kepler instance
IF a network connection is available
and an authority can be reached
and a namespace can be assigned
record authority and assigned namespace in the common module directory (not the cache directory)
call this file InstanceAuthNamespace { file contents example: kepler-project.org:3271 }
refer to an LSID generated using this kind of Authorized Namespace as a Verified LSID (VLSID)
ELSE
create a version 4 UUID and save it to disk as the existing namespace using "uuid" as the authority
call this file InstanceAuthNamespace { file contents example: uuid:7e1d1daf-4890-4e84-bcf4-e9192254461a }
refer to an LSID generated using this kind of Unauthorized Namespace as a Probabilistic LSID (PLSID)
Updated by Aaron Aaron about 15 years ago
To test out getting a unique namespace from the test Authority Namespace service, delete the InstanceAuthNamespace file in the root directory of the common module (if it exists). A new file will be generated the next time you start Kepler.
Updated by Aaron Aaron almost 15 years ago
Documentation for the KeplerLSID system will be maintained here:
https://kepler-project.org/developers/teams/framework/kepler-life-science-identifiers-keplerlsid