22.4 Other Code Signing Methods

Previous page
Table of content
Next page
only for RuBoard - do not distribute or recompile

22.4 Other Code Signing Methods

To close this chapter, we note that there are other ways of signing code to make it trustworthy. For example, for many years, PGP signature certificates have been used for validating programs and announcements distributed over the Internet. There are a few drawbacks to using PGP in this way. Because support for PGP is not built into web servers and browsers, the signature signing and verification must be done as a two-step process. A second drawback is that PGP signatures cannot use the public key infrastructure developed for use with web browsers. A benefit of the use of PGP is that any kind of file, document, or program can be signed with PGP, as PGP signatures can be "detached" and saved in separate locations.

As another alternative, the World Wide Web Consortium's DSig initiative has proposed using PICS 1.1 labels as a tool for digital signatures. Information can be found at http://www.w3.org/pub/WWW/Security/DSig/Overview.html.

only for RuBoard - do not distribute or recompile

Previous page
Table of content
Next page
Web Security, Privacy & Commerce
Web Security, Privacy and Commerce, 2nd Edition
ISBN: 0596000456
EAN: 2147483647
Year: 2000
Pages: 194
Authors: Simson Garfinkel
BUY ON AMAZON
CISSP Exam Cram 2
Cisco CallManager Fundamentals (2nd Edition)
Twisted Network Programming Essentials
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Microsoft WSH and VBScript Programming for the Absolute Beginner
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy