SIGNER(8) SIGNER(8)
NAME
signer, countersigner - daemons for set-top box
authentication
SYNOPSIS
lib/signer
lib/countersigner
DESCRIPTION
Signer and countersigner listen for requests on the service
ports infsigner and infcsigner, respectively.
Signer constructs an authentication certificate from the
local key (in /keydb/signerkey) and information from the
requesting client (including the set top box ID).
If non-existent, signer creates and initialises
/keydb/signerkey with an owner name of `*'. That file can
also be created with createsignerkey(8).
Signer `blinds' the certificate by XOR-ing it with a random
bit mask, then sends the result to the requesting client.
The client machine's user uses that information to establish
identity with a human agent on the signing machine. Signer
also saves the both the `blinded' and `unblinded' result
from the input in /keydb/signed/set-top-box-id for
verify(8).
Countersigner sends the contents of
/keydb/countersigned/set-top-box-id to the requesting
client.
FILES
/keydb/signerkey Secret key of the
`signer' host.
/keydb/signed/set-top-box-id Repository of `blinded'
and clear certificates.
/keydb/countersigned/set-top-box-id Repository of
`unblinded' certifi-
cates.
SOURCE
/appl/lib/signer.b
/appl/lib/countersigner.b
SEE ALSO
createsignerkey(8), register(8), srv(8), verify(8)
Page 1 Plan 9 (printed 11/17/24)