SIGNER(8) SIGNER(8) NAME signer, countersigner - daemons for set-top box authentication SYNOPSIS lib/signer lib/countersigner DESCRIPTION Signer and countersigner listen for requests on the service ports infsigner and infcsigner, respectively. Signer constructs an authentication certificate from the local key (in /keydb/signerkey) and information from the requesting client (including the set top box ID). If non-existent, signer creates and initialises /keydb/signerkey with an owner name of `*'. That file can also be created with createsignerkey(8). Signer `blinds' the certificate by XOR-ing it with a random bit mask, then sends the result to the requesting client. The client machine's user uses that information to establish identity with a human agent on the signing machine. Signer also saves the both the `blinded' and `unblinded' result from the input in /keydb/signed/set-top-box-id for verify(8). Countersigner sends the contents of /keydb/countersigned/set-top-box-id to the requesting client. FILES /keydb/signerkey Secret key of the `signer' host. /keydb/signed/set-top-box-id Repository of `blinded' and clear certificates. /keydb/countersigned/set-top-box-id Repository of `unblinded' certifi- cates. SOURCE /appl/lib/signer.b /appl/lib/countersigner.b SEE ALSO createsignerkey(8), register(8), srv(8), verify(8) Page 1 Plan 9 (printed 11/18/24)