Hyperledger: many commands can be manipulated to delete identities or affiliations

Introduction: The Faric-ca data in http body and authorization header for many commands that send from client to server are protected by signature. But I find the identity and affiliation commands still have the risk to be manipulated. Hacker can manipulate most other commands to delete identitie...