Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] Biscuit 2.0 specification and samples #77

Merged
merged 23 commits into from
Jan 12, 2022
Merged

[WIP] Biscuit 2.0 specification and samples #77

merged 23 commits into from
Jan 12, 2022

Conversation

Geal
Copy link
Contributor

@Geal Geal commented Sep 3, 2021

See #72

@Geal Geal added this to the Biscuit 2.0 milestone Sep 3, 2021
Geal added 2 commits September 3, 2021 21:59
- remove v0 compatibility
- convert v1 to v2
- remove the index from blocks (now the cryptographisc design guarantees
the order
@Geal Geal force-pushed the 2.0 branch 3 times, most recently from 035941d to f19bce4 Compare September 5, 2021 21:32
the scoped execution model ensures that checks and rules only
have access to facts added or generated in the current or previous
blocks. They cannot be affected by facts from later blocks. Verifier
rules, checks and policies are executed in the context of the authority
block

Since this change can prevent check from the authority block and the
verifier from being affected by facts from later block, we can remove
the #authority and #ambient symbols
Geal and others added 17 commits September 6, 2021 12:08
symbols were a kind of strings with less available operations and some
specific optimizations: they store in index into a symbol table carried
by the token, to reduce size by avoiding repetitions.
They were too confusing for users, and now that #authority and #ambient
are gone, we can remove them completely.
The symbol table was useful though, so now the symbol table is used for
all predicate names and strings
it is enough to uniquely identify each block
They complicated the Datalog, and the #authority and #ambient symbols
are not needed anymore with the scoped execution
this will open the way t other urves or algorithms, like P256
it does not change anything security wise, but it makes it more
consistent with the rest
@fbredy
Copy link

fbredy commented Dec 9, 2021

What about this V2 ? is it still "in progress" ?

@Geal
Copy link
Contributor Author

Geal commented Dec 9, 2021

@fbredy it is mostly done. Currently we're working on the web components and the new website, and will publish that along with the 2.0.

I'd like to see the java version done as well. Do you have plans to update the C# version to 2.0?

Geal added 2 commits December 24, 2021 13:15
implementations will be able to compare the returned errors
@fbredy
Copy link

fbredy commented Jan 9, 2022

@fbredy it is mostly done. Currently we're working on the web components and the new website, and will publish that along with the 2.0.

I'd like to see the java version done as well. Do you have plans to update the C# version to 2.0?

@Geal, i'll update the C# biscuit package, just after the merge of the java version. i've already started.

@Geal
Copy link
Contributor Author

Geal commented Jan 12, 2022

ok, I'm merging this now, there's been enough time to explore it :)

@Geal Geal merged commit 3a200b4 into master Jan 12, 2022
@Geal Geal mentioned this pull request Jan 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants