Allow digital signatures to encrypt hashes #2
Comments
What type of encryption keys are you looking to use to do the signing? This module is being used in the context of the database contents not being trusted, so I don't think the CMS user should expect to store their keys in the database. They'll need to be prompted to supply the signed data through some other means (like a modal, for example) prior to submitting it.
Yeah, this feature is intended for front end use, say a user form with an upload field. You can imagine a module using verifiable as a dependency that permits users to digitally sign anything via a form (in addition to uploaded files). So yes a modal with a "one-off" input is the way to go. Scenario: (I will update the description as a user-story soon)
The kicker here is that we obviously don't want users pasting-in their private key, so that bit needs to be done on a trusted device like a smartphone app, a CLI tool on an air-gapped computer or whatever. And do this in a way that is as easy for the user to do with a "commodity" solution (like a smartphone app) as possible.
TBH, the solution can work however it likes as long as it supports the original user story. Worth bearing in mind also is that all verifiable needs to do is to expose an API. Verifiable is the verification provider (admittedly with a basic feature OOTB that permits content verification). This particular digital-signature feature will be provided in-toto by an additional module.
Tech note: The way to achieve a signed hash is to use something like HMAC-SHA256.
As an author, I would like to be able to notarise my data
So that I can verify that it was me that made a change
This story adds a further layer to data verification, whereby users can not only verify that data hasn't changed, but that the initial data was created by them, and them only. (By them, we mean "person" or "system" in possession of the signing private key)
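
The signed-hash flow from the tech note in the comments (HMAC-SHA256 over a content hash, produced away from the CMS and checked on submission), as an added example that is not part of the issue thread or the module's code. Function names and sample data are hypothetical; it assumes the verifying side holds the same secret key, because HMAC is symmetric.

```python
import hashlib
import hmac
import secrets


def content_hash(content: bytes) -> str:
    """SHA-256 hex digest of the content being notarised."""
    return hashlib.sha256(content).hexdigest()


def _tag(key: bytes, digest_hex: str) -> bytes:
    """Raw HMAC-SHA256 tag over the hex-encoded content hash."""
    return hmac.new(key, digest_hex.encode("ascii"), hashlib.sha256).digest()


def sign_hash(key: bytes, digest_hex: str) -> str:
    """Runs on the trusted device; the hex tag is what the user pastes in."""
    return _tag(key, digest_hex).hex()


def verify_submission(key: bytes, content: bytes, submitted_tag: str) -> bool:
    """Runs on the verifying side. The hash is recomputed from the content
    actually received, never taken from the submitter, and the tags are
    compared in constant time."""
    try:
        submitted = bytes.fromhex(submitted_tag.strip())
    except ValueError:
        return False  # pasted value is not hex at all
    return hmac.compare_digest(_tag(key, content_hash(content)), submitted)


def demo() -> dict:
    key = secrets.token_bytes(32)        # constructed key for the demo
    other_key = secrets.token_bytes(32)  # a different signer's key
    doc = b"Constructed sample: page body v1"
    tag = sign_hash(key, content_hash(doc))
    return {
        "valid": verify_submission(key, doc, tag),
        "tampered_content": verify_submission(key, doc + b"!", tag),
        "wrong_key": verify_submission(other_key, doc, tag),
        "malformed_tag": verify_submission(key, doc, "not-hex"),
    }


if __name__ == "__main__":
    print(demo())
```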