How does Hyperledger-fabric confirms the user as a valid user in the network?

Question

I know that a user must get an identity created by Certificate Authority(CA) before they join Hyperledger Fabric Network. The CA will create a public key and a private key to the user. When the user submits a transaction to the peer node in the network, the transaction will be signed using private key and the peer node will confirm the transaction by using public key of the user to confirm the transaction is initiated by a user that had gone through CA first(Correct me if my understanding is wrong).

For example in a network there is OrgA, Org B and Org C. Org A has 100 peer nodes and 1,000,000 user. If each of those 100 peer nodes has to keep 1,000,000 user's public key, isn't it kind of a waste of database resources because each of them has to keep those 1,000,000 user's public key and information when most probably they could divide the keeping of public key since these peer nodes are from the same organization?

Answer 1

Hyperledger Fabric uses an abstraction called msp to maintain and validate membership of users. It is usually a folder structure on filesystem, which maintains keys and certs. The PKI keys don't take much space. For your question regarding peers, different peers of an organization can have different responsibilities, some can be configured like endorsing peers, committing or admin peers.