Spec: 4.3.1 IDENTIFIER ADMINISTRATOR: HS_ADMIN

An administrative operation on an identifier record or on the DO-IRP service (e.g., add, delete or modify an element) can only be performed by an administrator that is authenticated and that has adequate privileges.

We defined an “administrator” as an entity represented by an identifier and an element index within that identifier record. This identifier-index is a reference to an element that must contain a public key or secret key to be used when challenging the entity to authenticate itself.

An authenticated administrator is an entity that has demonstrated that it possesses either the private key matching the public key, or the secret key, pointed to by the administrator’s identifier- index element reference.

The privileges or authorizations that an administrator has over an identifier record is specified in one or more elements of type HS_ADMIN within that identifier record. Each HS_ADMIN element can be used to define a set of administrators sharing the same administration privilege. Identifiers with multiple administrators of different privileges may have multiple HS_ADMIN elements. HS_ADMIN elements are used by DO-IRP servers to authenticate administrators before fulfilling any DO-IRP administration request. However, as an implementation option, an identifier record without an HS_ADMIN element can be modified by a qualified DO-IRP server administrator.

An HS_ADMIN element is one whose field is HS_ADMIN and whose field consists of the following entries encoded as binary data:

Field Description

Field	Description
`adminPermission` uint32	See `AdminPermission` enum below for details.
`adminRef` ElementRef	Spec: Specifies the record’s administrator. It consists of the administrator’s identifier and element index (as defined above), encoded as a 4-byte length followed by that many UTF-8 encoded bytes, followed by a 4-byte unsigned integer for the index of the element that is referenced in the administrator’s identifier record. The referred element in the administrator’s identifier record must either be an identity authentication element (such as an HS_PUBKEY or HS_SECKEY element) or an HS_VLIST element, which specifies a group of administrators consisting of a list of one or more administrator identification and authentication elements references. (See HS_VLIST paragraph below for more description as well as HS_VLIST in section 4.2.8 for its detailed specification). An index value of 0 implies that the reference is to all elements in the administrator’s identifier record; this means all HS_SECKEY or HS_PUBKEY elements in that record can be used.

adminPermission

uint32

See AdminPermission enum below for details.

adminRef

ElementRef

Spec: Specifies the record’s administrator. It consists of the administrator’s identifier and element index (as defined above), encoded as a 4-byte length followed by that many UTF-8 encoded bytes, followed by a 4-byte unsigned integer for the index of the element that is referenced in the administrator’s identifier record. The referred element in the administrator’s identifier record must either be an identity authentication element (such as an HS_PUBKEY or HS_SECKEY element) or an HS_VLIST element, which specifies a group of administrators consisting of a list of one or more administrator identification and authentication elements references. (See HS_VLIST paragraph below for more description as well as HS_VLIST in section 4.2.8 for its detailed specification). An index value of 0 implies that the reference is to all elements in the administrator’s identifier record; this means all HS_SECKEY or HS_PUBKEY elements in that record can be used.

The set of possible permissions for an administrator. This is for generating consts, won’t be used directly in .proto files,

Name	Description
`ADMIN_PERMISSION_UNSPECIFIED`
`ADMIN_PERMISSION_ADD_IDENTIFIER`	Spec: Add_Identifier (0x0001) This permission, when set in a prefix identifier record, allows an authenticated administrator to create new identifiers under that prefix. This permission is only meaningful when set in an identifier record pertaining to a prefix, as it is a prefix-only permission.
`ADMIN_PERMISSION_DELETE_IDENTIFIER`	Spec: Delete_Identifier (0x0002) This permission allows an authenticated administrator to delete the identifier record.
`ADMIN_PERMISSION_ADD_DERIVED_PREFIX`	Spec: Add_Derived_Prefix (0x0004) This permission, when set in a prefix identifier record, allows an authenticated administrator to create new prefixes derived from the stated prefix identifier. This permission is only meaningful when set in a prefix identifier record and it is a prefix-only permission.
`ADMIN_PERMISSION_RESERVED`	Spec: Reserved (0x0008) This bit is reserved for historical reasons.
`ADMIN_PERMISSION_MODIFY_ELEMENT`	Spec: Modify_Element (0x0010) This permission allows an authenticated administrator to modify any elements other than HS_ADMIN elements. HS_ADMIN elements are used to define administrators and are managed by a different set of permissions (as described next).
`ADMIN_PERMISSION_DELETE_ELEMENT`	Spec: Delete_Element (0x0020) This permission allows an authenticated administrator to delete any element other than the HS_ADMIN elements.
`ADMIN_PERMISSION_ADD_ELEMENT`	Spec: Add_Element (0x0040) This permission allows an authenticated administrator to add elements other than the HS_ADMIN elements.
`ADMIN_PERMISSION_MODIFY_ADMIN`	Spec: Modify_Admin (0x0080) This permission allows an authenticated administrator to modify HS_ADMIN elements.
`ADMIN_PERMISSION_REMOVE_ADMIN`	Spec: Remove_Admin (0x0100) This permission allows an authenticated administrator to remove HS_ADMIN elements.
`ADMIN_PERMISSION_ADD_ADMIN`	Spec: Add_Admin (0x0200) This permission allows an authenticated administrator to add new HS_ADMIN elements.
`ADMIN_PERMISSION_AUTHORIZED_READ`	Spec: Authorized_Read (0x0400) This permission grants an authenticated administrator read-access to elements with the ADMIN_READ and without PUBLIC_READ permission. Administrators without this permission will not have access to elements that require authentication for read access.
`ADMIN_PERMISSION_LIST_IDENTIFIERS`	Spec: List_Identifiers (0x0800) This permission allows an authenticated administrator to list all identifiers under a designated prefix, even if such identifiers are managed in a distributed fashion on multiple servers. Identifiers that are based on prefixes derived from the specified prefix are not included in the listing. This is a prefix-wide setting and must be set on the respective prefix identifier record.
`ADMIN_PERMISSION_LIST_DERIVED_PREFIXES`	Spec: List_Derived_Prefixes (0x1000) This permission allows the administrator to list all prefixes derived from a designated prefix. If such derived prefixes have in turn their own derived prefixes, those further derivatives are also included in the listing as long as such derived prefix records are on the same DO-IRP service on which this listing operation is performed. This is a prefix-wide setting and must be set on a prefix identifier record.

Field	Description
`doid` string
`index` uint32

HsAdmin

AdminPermission

ElementRef