SIGNER(8)
NAME
signer, countersigner − daemons for set-top box authentication
SYNOPSIS
lib/signer
lib/countersigner
DESCRIPTION
Signer and countersigner listen for requests on the service ports infsigner and infcsigner, respectively.
Signer constructs an authentication certificate from the local key (in /keydb/signerkey) and information from the requesting client (including the set top box ID).
If non-existent, signer creates and initialises /keydb/signerkey with an owner name of That file can also be created with createsignerkey(8).
Signer ‘blinds’ the certificate by XOR-ing it with a random bit mask, then sends the result to the requesting client. The client machine’s user uses that information to establish identity with a human agent on the signing machine. Signer also saves the both the ‘blinded’ and ‘unblinded’ result from the input in /keydb/signed/set-top-box-id for verify(8).
Countersigner sends the contents of /keydb/countersigned/set-top-box-id to the requesting client.
FILES
/keydb/signerkey
Secret key of the ‘signer’ host.
/keydb/signed/set-top-box-id
Repository of ‘blinded’ and clear certificates.
/keydb/countersigned/set-top-box-id
Repository of ‘unblinded’ certificates.
SOURCE
/appl/lib/signer.b
/appl/lib/countersigner.b