Help with signing messages

Michael Stone michael at laptop.org
Sat Jan 29 13:24:35 EST 2011


On Fri, 28 Jan 2011 at 14:40:54 -0200 Esteban Bordon wrote:
> I am trying to make a notification system that reads messages from an sqlite3
> database and shows them via dbus notifications. I want to store a hash of the
> message inside the db to verify each message before showing it, but I don't
> know how to do it.
> 
> I am thinking of signing the message using sig01 of bios-crypto, but I don't
> know how I can verify this hash. Can I use some mfg-data tag to verify it (msg
> signed with the appropriate masterkey)?
> 
> Which command do I have to use?

Can you please say a bit more about the system you're building? (The choice of
the right command almost certainly depends on some further details about your
goals.)

In particular:

   * what does a typical message say?

   * how are messages transmitted?

   * are the messages addressed to one, many, or all possible recipients? 
     (unicast, multicast, broadcast)

   * are the notifications one-way or will there be replies?

   * are the messages solely intended for humans to read or are they also
     machine readable?

   * do you care if other people read the messages in transit? 
     (secrecy)

   * do you care if the messages are modified in transit? 
     (integrity)

   * is the recipient supposed to know who sent a message? 
     (agreement on sender identity)

   * is the sender supposed to know who received a message? 
     (agreement on receiver identity)

   * do you care if a message is never delivered?
     (availability / reliability)

   * do you care if a message is delivered multiple times?
     (replay)

   * do you care if messages are reordered in transit?
     (ordering)

   * do you have other security goals not mentioned above?
     (availability, resource usage limits, non-repudiation, privacy...)

Regards,

Michael


