Hi Larry! I think it is a great idea! I can't wait to read the KIP.
Thanks, Sandor On Sat, Jul 2, 2022 at 5:18 PM larry mccay <[email protected]> wrote: > Hello All - > > I am considering adding a new federation provider that would enable the use > of MetaMask for authenticating against blockchain to be used with KnoxSSO. > > A relatively recent standard in the blockchain world is called Sign in with > Ethereum (SIWE) [1][2]. > There is no java implementation of the specification yet but there is a > typescript one for client side use. We would need to implement the server > side requirements. > > This would allow for a couple things: > > 1. Distributed Identity based access to Knox protected resources - users > own their own identity information. NFTs may be able to be translated into > groups and a set of permissions that are enforced by Ranger Policies or > Knox ACLs. > 2. A means to bridge the enterprise IDP world and the distributed identity > for when authentication credentials and individual identity management will > provide users their own information but the enterprise will be able to > extend this information to detail and enforce organization specific > details, permissions and security compliance. > > Any interest in this as a new provider in the Apache Knox community? > If so, I will write up an initial draft of a KIP for it. > > thanks, > > --larry > > 1. https://eips.ethereum.org/EIPS/eip-4361 > 2. https://github.com/spruceid/siwe >
