couchdb-user mailing list archives

From Chris Anderson <>
Subject Re: Proposal for digital signatures of documents
Date Sun, 08 Mar 2009 17:14:08 GMT
On Sun, Mar 8, 2009 at 12:49 AM, Jens Alfke <> wrote:
> I've written a proposal of a schema for digitally signing CouchDB documents:
> Essentially, you add a nested object to the JSON that contains the signature
> data, the document digest, and the public key identifying the signer. This
> is a direct translation from the original YAML of a schema I designed &
> implemented a year ago for an application I was working on. The underlying
> ideas come from the earlier "key-centric identity" systems SDSI and SPKI.

I think this is important stuff (working on a p2p messaging
application right now that will use it). It's not about trusted or
untrusted nodes, it's about validating authors of documents when you
can't trace the provenance.

I think you'll want to add to the signature field, a list of the
signed fields. This way _rev can change freely, and intermediate users
can add new fields, without breaking the signature.

> I don't think this would require any changes to CouchDB itself. But most
> uses of it would require verifying signatures in document validation
> functions; this requires doing some serious crypto (like RSA encoding), and
> I don't know if there is any reliable and performant JavaScript
> implementation of that.

There are reliable JS md5 and sha1 libs. Will that get you there?

Chris Anderson
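
Added example, not part of the original message or of the proposal: a Node.js sketch of the "list of signed fields" idea, in which the signature covers only the listed fields, so _rev can change and new fields can be added without invalidating it. The layout of the signature object (fields, signer, sig), the canonical serialization, and the use of Ed25519 are assumptions made for illustration.

```javascript
// Added example: field-scoped document signatures (hypothetical schema).
const crypto = require("crypto");

// Deterministic serialization: keys sorted recursively, so signer and
// verifier hash identical bytes regardless of key order.
function canonical(value) {
  if (Array.isArray(value)) return "[" + value.map(canonical).join(",") + "]";
  if (value && typeof value === "object") {
    return "{" + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonical(value[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

// Bytes covered by the signature: the field list itself plus each listed value.
function signedBytes(doc, fields) {
  const covered = {};
  for (const f of fields) {
    if (!(f in doc)) throw new Error("signed field missing: " + f);
    covered[f] = doc[f];
  }
  return Buffer.from(canonical({ fields: [...fields].sort(), values: covered }));
}

function signDoc(doc, fields, privateKey, publicKey) {
  const sig = crypto.sign(null, signedBytes(doc, fields), privateKey);
  const signer = publicKey.export({ type: "spki", format: "pem" });
  return { ...doc,
    signature: { fields: [...fields].sort(), signer, sig: sig.toString("base64") } };
}

// `required` lists the fields the application insists are covered, so a
// signature over an unimportant subset cannot vouch for the whole document.
function verifyDoc(doc, required) {
  const s = doc.signature;
  if (!s || !Array.isArray(s.fields)) return false;
  if (!required.every((f) => s.fields.includes(f))) return false;
  try {
    return crypto.verify(null, signedBytes(doc, s.fields),
      crypto.createPublicKey(s.signer), Buffer.from(s.sig, "base64"));
  } catch (e) { return false; } // malformed key, signature, or missing field
}

// Constructed sample document; field names and values are made up.
const keys = crypto.generateKeyPairSync("ed25519");
const signed = signDoc({ _id: "msg-1", _rev: "1-abc", author: "alice", body: "hello" },
  ["author", "body"], keys.privateKey, keys.publicKey);
const relayed = { ...signed, _rev: "2-def", relay_note: "forwarded" };
console.log(verifyDoc(relayed, ["author", "body"]));
```

A successful check only shows that the holder of the embedded key signed those fields; whether that key is trusted is a separate decision for the validation function.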
