Sunday, October 21, 2007

Integrity and non-repudiation of resources

Trying to answer Dims' question here, I created a small application.

It uses a servlet filter to add HTTP headers to the response, indicating where to find the signature and digest files for the requested resource.

Sample response headers when /index.html is requested:

resource-sig: /restsig/index.html.sig
resource-xmlsig: /restsig/index.html.xmlsig
resource-md5: /restsig/index.html.md5
resource-sig-cert: MIIDCjCCAfKgAwIBAg...=

Furthermore, for HTML (assuming it is well-formed) and XML files, the app generates an XML signature as well.

Now one can develop a simple browser plugin to verify the signature and digest (certificate information can be made available as a header or as a separate resource).

The source of this can be found here:
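
The check such a plugin would run, as an added example (not the application's source). It assumes the .md5 file holds a hex digest and the .sig file a base64 RSA/SHA-256 signature, neither of which the post specifies, and it uses a key pair generated in-process where a real client would use the public key of a certificate it already trusts; all function names are hypothetical.

```javascript
// Added example. Assumptions: .md5 holds a hex digest, .sig a base64
// RSA/SHA-256 signature; in-memory objects stand in for the HTTP fetches.
const crypto = require('node:crypto');
const md5hex = (buf) => crypto.createHash('md5').update(buf).digest('hex');

// Constructed stand-in for the server side: produce the two side files.
function publish(body, privateKey) {
  return {
    '/restsig/index.html.md5': md5hex(body),
    '/restsig/index.html.sig': crypto.sign('sha256', body, privateKey).toString('base64'),
  };
}

// Check a fetched body against the files named in the response headers.
// trustedKey must come from a trust anchor the client already holds: a key or
// certificate taken from the same response can be swapped along with the body.
function verifyResource(headers, body, fetchFile, trustedKey) {
  const md5 = fetchFile(headers['resource-md5']);
  const sig = fetchFile(headers['resource-sig']);
  if (md5 === undefined || sig === undefined) return { ok: false, reason: 'missing side file' };
  if (md5hex(body) !== md5.trim().toLowerCase()) return { ok: false, reason: 'digest mismatch' };
  const sigOk = crypto.verify('sha256', body, trustedKey, Buffer.from(sig, 'base64'));
  return sigOk ? { ok: true, reason: 'verified' } : { ok: false, reason: 'signature mismatch' };
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const headers = {
    'resource-md5': '/restsig/index.html.md5',
    'resource-sig': '/restsig/index.html.sig',
  };
  const body = Buffer.from('<html><body>hello</body></html>'); // constructed sample
  const altered = Buffer.from('<html><body>hell0</body></html>');
  const files = publish(body, privateKey);
  // An unkeyed digest can be recomputed by whoever altered the body.
  const redigested = { ...files, '/restsig/index.html.md5': md5hex(altered) };
  const from = (store) => (path) => store[path];
  return {
    intact: verifyResource(headers, body, from(files), publicKey),
    corrupted: verifyResource(headers, altered, from(files), publicKey),
    redigested: verifyResource(headers, altered, from(redigested), publicKey),
  };
}

console.log(demo());
```

The third case passes the digest check and fails only on the signature: the digest file detects corruption, while detecting deliberate modification depends on the signature and on a key the client trusts independently of the response.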
