I agree with ichimunki that this thinking just wouldn't fly with dynamic content. You're talking about adding one more process to squeeze your data through to get it to the client. However, this wouldn't be a bad idea at all for static resources.
But what if your CGI that was generating the dynamic pages could add in a signature for the CGI itself (something hinging on a sessionID or something), to indicate that the resulting pages are genuine? A simple check from the client against that tag would verify the authenticity of the replies.
| [reply] |
Update: misread ichimunki's comment. Sorry :(
Better would be a signed text file containing the approved MD5 or SHA1 hashes for the downloadable files or libraries.
In my original post, I said that downloadable files are so-signed. But how does the downloader know that it was signed by the right person? Seeing the same sig identity in other places establishes knowledge of that person. That's the whole point of doing this.
Besides having an external sig file for the whole page, here's a couple reasons why it would be nice to sign just parts of a page:
Consider signing the "script" that's embedded in an HTML file. I was also thinking of putting together parts into a single presented page, where each part is already signed. For example, public statements and contact info.
If HTML is dynamically generated, such quoted blocks, like "send payment to..." could have sigs built into the template.
—John
| [reply] |
that doesn't mean it makes no sense
That's why I said it did make sense. :)
If you have pieces of a web-page that are static so that they can be signed, it's a great idea. I'd love to see an application that helped verify embedded signatures in HTML from places like PM, where it would be nice to verify that a user is the same user from elsewhere based on their signature.
But how does the downloader know that it was signed by the right person?
The same way they'd know if the file itself was signed correctly.
It's an intriguing notion, it would be fun (and potentially useful) to have a web page that had IMG tags that had a signature attribute and the browser would note whether the image was signed or not. Or would do the work of detecting any signed element and validating it-- good suggestion. Is there something in the HTML spec that allows for this, or would we simply use a comment field?
The real fun is how to sign the image (or other binary file) outside the web page without altering the image file (so that non-compliant viewer programs could still display the image). And that's what I was thinking of with the signed hash file. You can caption the image (as part of the image) with a pointer to a signed hash file, hash the new image, put the hash in the hash file, sign the file, and distribute that file. If a version of the image is found that doesn't have a matching hash to the one in the file, the image has been altered. But I suppose this is redundant, you could just put a bunch of detached sigs in the file, eh?
| [reply] |
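The hash-file check described in the post above, as an added example that is not part of the original thread. It assumes the manifest text has already had its signature verified separately (for instance as a detached PGP signature), and the names `parse_manifest`, `check_file` and the sample data are constructed for illustration; it goes slightly beyond the post by also accepting SHA-256 digests, chosen by digest length.

```python
import hashlib
import hmac

# Digest algorithm is picked by hex length (an assumption of this example).
ALGO_BY_HEXLEN = {32: "md5", 40: "sha1", 64: "sha256"}

def parse_manifest(text):
    """Parse sha1sum-style 'hexdigest  filename' lines into {filename: digest}."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<hexdigest> <filename>'")
        digest, name = parts[0].lower(), parts[1]
        if name.startswith("*"):  # sha1sum binary-mode marker
            name = name[1:]
        if len(digest) not in ALGO_BY_HEXLEN or not set(digest) <= set("0123456789abcdef"):
            raise ValueError(f"line {lineno}: not an MD5/SHA-1/SHA-256 hex digest")
        if name in entries:
            # Two entries for one name would make "approved" ambiguous.
            raise ValueError(f"line {lineno}: duplicate entry for {name!r}")
        entries[name] = digest
    return entries

def check_file(entries, name, data):
    """Return 'ok', 'altered' or 'unlisted' for one downloaded file's bytes."""
    expected = entries.get(name)
    if expected is None:
        return "unlisted"  # not covered by the signed manifest, so not vouched for
    actual = hashlib.new(ALGO_BY_HEXLEN[len(expected)], data).hexdigest()
    return "ok" if hmac.compare_digest(actual, expected) else "altered"

# Constructed sample data: an "image" and the manifest its publisher would sign.
ORIGINAL = b"GIF89a constructed sample image bytes"
TAMPERED = ORIGINAL + b" plus an edit"
MANIFEST = "# approved hashes (constructed)\n%s  logo.gif\n" % hashlib.sha1(ORIGINAL).hexdigest()

if __name__ == "__main__":
    entries = parse_manifest(MANIFEST)
    for label, fname, data in [("original", "logo.gif", ORIGINAL),
                               ("edited copy", "logo.gif", TAMPERED),
                               ("unknown file", "banner.gif", ORIGINAL)]:
        print(label, "->", check_file(entries, fname, data))
```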
The real fun is how to sign the image (or other binary file) outside the web page without altering the image file (so that non-compliant viewer programs could still display the image).
Some graphics formats allow comments, e.g. gif
I suppose if you wanted to get really fun, you could mess with the least significant bits.
andy.
| [reply] |