This is the identity management solution for the HLF blockchain network. MSP performs the following tasks:
- It registers and enlists network and channel participants
- It maps certificates to members or participating organizations
- For an organization, MSP identifies the roles (administrative and suchlike) a participant can play
- It defines the participant's network and channel, and access privileges, such as read and write
Its principal activities are as follows:
- MSP identifies the root CAs and intermediate CAs who can further define the members of a domain, also known as an organization, either by listing the identities of their users, or by authorizing CAs to assign valid identities to their members
- MSP represents an organization, and is also responsible for RBAC on a network, and channels of the member of that organization
- An organization can have one or more OUs, and enrollment certificates (X.509 certificates) include an OU attribute in the certificate to define that organization's area of business