.TH SIGN 1
.CT 1 comm_term sa_mortals secur
.SH NAME
sign, verify, enroll, resign \(mi document certification
.SH SYNOPSIS
.B sign
[
.B -n
.I name
] [
.I file
]
.PP
.B verify
[
.B -s
] [
.I file
]
.PP
.B enroll
.PP
.B resign
.SH DESCRIPTION
These routines
provide a document-certification service.
.PP
.I Sign
reads a document from the
.I file
or from the standard input, demands a signing password
for the current login id,
and places on standard
output a signed and dated copy of the document,
with a cryptographic certificate attached.
The resulting document can be embedded in a larger one.
The option is
.TP
.BI -n " name
Set the signing name; its password will be demanded.
.PP
.I Verify
scans the
.I file
or the standard input for a certified document.
If the document and date are as they were when certified,
except possibly indented,
the verified document is placed on the standard output
with a statement of verification attached.
The option is
.TP
.B -s
Do not print the document; place only a statement of
verification on the standard output.
.PP
The signer of a document must be registered with the
certification service; the recipient need not be.
Two commands handle registration:
.PP
.I Enroll
demands a signing password and registers it for the current
login id.
It is unwise to use your login password.
.PP
.I Resign
demands the signing password and, if it is correct,
terminates the registration for the current login id.
.PP
A signed document and its date are tamperproof
and thus are good for ordinary business purposes.
The mere appearance of a certificate, however, is not proof
of authenticity. That can be determined only by
.I verify.
The output of
.I verify
lacks a
certificate; its authenticity cannot be attested at a later date.
.PP
There is no notion of an `original' signed document;
all copies are equally good and may be reverified at will.
.PP
Signers must trust
.I sign
and recipients must trust
.I verify
not to have been tampered with on their respective machines.
Both parties must trust the verification
service, which is on a separate secure machine,
and the communication channels to it.
.SH EXAMPLES
.TP
.B sign <doc.raw >doc.cert
.TP
.B verify <doc.suspect >doc.checked
.TP
.B sign <letter | mail whomever
The recipient can verify the letter from within
.IR mail (1)
by using
.I mail's
pipe command:
.LR |verify .
.SH SEE ALSO
.IR notary (8)
.SH DIAGNOSTICS
.I Verify
yields exit status 0 only on successful verification.
.PP
`Bogus' \- the document has been tampered with, or the
original password is no longer registered.
.SH BUGS
Only one user with a given login name may be registered;
thus the certification service cannot be extended too
far.
.br
To minimize dependence on the certification service,
no password check is made at signing. A mistyped password
will not show up until verification.
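Added example, not part of the original manual page: a shell wrapper for two cautions stated above, that sign makes no password check (BUGS) and that only verify's exit status, not the presence of a certificate, establishes authenticity. The function names are hypothetical, and the wrapper assumes sign exits nonzero on failure, which the page does not state.

```shell
#!/bin/sh
# Added example: not part of the original manual page.
# Assumes sign(1) and verify(1) behave as documented above; the function
# names and file layout here are hypothetical.

# sign_checked RAW CERT
# Sign RAW, then verify the result before publishing it as CERT.
# sign makes no password check, so a mistyped signing password would
# otherwise go unnoticed until a recipient ran verify.
# Returns 0 on success, 1 if the fresh certificate does not verify,
# 2 if signing or temp-file creation failed.
sign_checked() {
    sc_raw=$1
    sc_cert=$2
    sc_tmp=$(mktemp "$sc_cert.XXXXXX") || return 2
    # Assumption: sign exits nonzero on failure (the page does not say).
    if ! sign <"$sc_raw" >"$sc_tmp"; then
        rm -f "$sc_tmp"
        return 2
    fi
    # verify exits 0 only on successful verification; -s drops the document.
    if verify -s <"$sc_tmp" >/dev/null; then
        mv "$sc_tmp" "$sc_cert"
        return 0
    fi
    rm -f "$sc_tmp"
    return 1
}

# accept_certified SUSPECT KEEP
# Gate on verify's exit status, never on the presence of a certificate.
# On success store the certified input itself as KEEP: verify's output
# carries no certificate and cannot be reverified later.
accept_certified() {
    ac_suspect=$1
    ac_keep=$2
    if verify -s <"$ac_suspect" >/dev/null; then
        cp "$ac_suspect" "$ac_keep"
        return 0
    fi
    return 1
}
```

Both functions leave nothing behind on failure, so a file at the CERT or KEEP path always denotes a document that verified at the time it was written.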