[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Handle-info] Creating a "user" to create, delete and edit handles
Any handle can serve as an identity for authentication and authorization. When CNRI allots prefixes, it generally includes a public key value in the prefix handle so that "0.NA/myprefix" can be used for bootstrapping. You can authenticate, once, as "0.NA/myprefix" in order to create "myprefix/thecreator".
If you do not wish to authenticate as 0.NA/myprefix even once, you can follow the instructions in Chapter 10 of the Handle Technical Manual to create that handle directly in storage.
The values you suggest for myprefix/thecreator are fine, although it is conventional to use index 300 (instead of 101) for an HS_PUBKEY or HS_SECKEY value.
You can then add "300:myprefix/thecreator" to the "server_admins" in your handle server's config.dct in order to ensure that the identity will be authorized.
> On Jan 4, 2018, at 12:23 PM, Nicolas Larrousse <Nicolas.Larrousse@huma-num.fr> wrote:
> Dear all,
> I have a quite naive question.
> Is there a simple way to quickly create a « user » than can create, delete and edit handles without informing the GRH and using the batch?
> I tried to find some information about that in the list (e.g. this thread http://www.handle.net/mail-archive/handle-info/msg00872.html ) but it’s not totally clear for me.
> I imagine that something like that could work for the batch:
> CREATE myprefix/thecreator
> 100 HS_ADMIN 86400 1110 ADMIN
> 101 HS_SECKEY 86400 1100 UTF8 my_password
> associated with a local_nas file
> Thanks in advance for your answer.
> Nicolas Larrousse
> PS If you ca provide some examples, it would make things easier for me to understand.
> Handle-Info mailing list
Handle-Info mailing list