Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 82949 invoked from network); 8 Mar 2009 08:49:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 8 Mar 2009 08:49:54 -0000 Received: (qmail 18164 invoked by uid 500); 8 Mar 2009 08:49:52 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 18127 invoked by uid 500); 8 Mar 2009 08:49:52 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 18111 invoked by uid 99); 8 Mar 2009 08:49:52 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Mar 2009 00:49:52 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jens@mooseyard.com designates 208.97.132.177 as permitted sender) Received: from [208.97.132.177] (HELO randymail-a9.g.dreamhost.com) (208.97.132.177) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Mar 2009 08:49:44 +0000 Received: from [10.0.1.105] (76-191-199-100.dsl.dynamic.sonic.net [76.191.199.100]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by randymail-a9.g.dreamhost.com (Postfix) with ESMTP id DFA16EE268 for ; Sun, 8 Mar 2009 00:49:22 -0800 (PST) Message-Id: <283A6EDD-6701-4A6A-88AE-8B97E6D11D9E@mooseyard.com> From: Jens Alfke To: user@couchdb.apache.org Content-Type: multipart/signed; boundary=Apple-Mail-63-496923537; micalg=sha1; protocol="application/pkcs7-signature" Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Proposal for digital signatures of documents Date: Sun, 8 Mar 2009 00:49:21 -0800 X-Mailer: Apple Mail (2.930.3) X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail-63-496923537 Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable I've written a proposal of a schema for digitally signing CouchDB =20 documents: http://wiki.apache.org/couchdb/SignedDocuments Essentially, you add a nested object to the JSON that contains the =20 signature data, the document digest, and the public key identifying =20 the signer. This is a direct translation from the original YAML of a =20 schema I designed & implemented a year ago for an application I was =20 working on. The underlying ideas come from the earlier "key-centric =20 identity" systems SDSI and SPKI. I think something like this would be nearly mandatory in a fully-=20 distributed usage of CouchDB, a network of nodes that cannot all trust =20= each other. The only way to trust the documents being replicated =20 through the system is for each document to independently assert its =20 creator and its integrity. That's what signatures give you. I don't think this would require any changes to CouchDB itself. But =20 most uses of it would require verifying signatures in document =20 validation functions; this requires doing some serious crypto (like =20 RSA encoding), and I don't know if there is any reliable and =20 performant JavaScript implementation of that. Comments and suggestions welcome, of course :) =97Jens= --Apple-Mail-63-496923537 Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIID3DCCA9gw ggLAoAMCAQICAQEwCwYJKoZIhvcNAQEFMH0xEzARBgNVBAMMCkplbnMgQWxma2UxFjAUBgNVBAoM DVRoZSBNb29zZXlhcmQxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzERMA8GA1UEBwwIU2FuIEpv c2UxITAfBgkqhkiG9w0BCQEWEmplbnNAbW9vc2V5YXJkLmNvbTAeFw0wODAyMjIwMTM5MDhaFw0w OTAyMjEwMTM5MDhaMH0xEzARBgNVBAMMCkplbnMgQWxma2UxFjAUBgNVBAoMDVRoZSBNb29zZXlh cmQxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzERMA8GA1UEBwwIU2FuIEpvc2UxITAfBgkqhkiG 9w0BCQEWEmplbnNAbW9vc2V5YXJkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALmq2x7BcJchGCAW4LyIhi/jhe9igH5d2RAh2cbxUwxDmH8GEFAwI0r7rIb3PLH57zournB8z6qK jk0Y+w/6KqaDXf1njCnF73prLbEfbVxmdyNPwrNJe8ZpmbNCx5HSBEPaR4BBE9me6B/Emfj3fovN 7d2vzXeaHb5ZTCk1uSK5vhSNWBY2PO0J0oXw2AL6N+nFqKpl94lYi7OVPI+urN9LuOV+71sU9Dv/ doeKmE65g1tOwt6C5Lnxl+QRpXbowjCkWnN1OeBv5rhnn8IHFL8HvzbETvzw9bl6SCXcWrNuH6fK 498AVoF4LtI8Qc96ZSSIGbAFWY9Gy4DRxHaF38sCAwEAAaNlMGMwDgYDVR0PAQH/BAQDAgL8MBYG A1UdJQEB/wQMMAoGCCsGAQUFBwMEMDkGA1UdEQQyMDCBEmplbnNAbW9vc2V5YXJkLmNvbYYaaHR0 cDovL21vb3NleWFyZC5jb20vSmVucy8wDQYJKoZIhvcNAQEFBQADggEBADyQmXRiGltcPVw29fRe nc/3C3HXE9K5ZtnaGZGJlRaLhYVo2dNaR26zhVnyeuc/PCvynOcQfW/uomIxlwxBYG7Ss+x2KT7c k2OUYdlVJCApUEiQ3cw2+aOM44nJDNKAaA5jYiGyx/vWeTbFxP+Zswf8R4h2IIQQkpa76oYwtqwC 37KSAMjwp/NdoePsGEkGA63nwpdpX0wGYq+NVLNg+LxFmPxKilu24sKUvNsjQFLC84LhcUT4hBUM +vTAi6zMZ02/TZZXPnXQJLNLx878s8TU3oj9VBj3VFap3vEUDcEKDY4gwAotzNWJUfkcfbf+yUNv AbOhKP9YNmsWimc8nE0xggM5MIIDNQIBATCBgjB9MRMwEQYDVQQDDApKZW5zIEFsZmtlMRYwFAYD VQQKDA1UaGUgTW9vc2V5YXJkMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxETAPBgNVBAcMCFNh biBKb3NlMSEwHwYJKoZIhvcNAQkBFhJqZW5zQG1vb3NleWFyZC5jb20CAQEwCQYFKw4DAhoFAKCC AYswGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDkwMzA4MDg0OTIx WjAjBgkqhkiG9w0BCQQxFgQUmLqWiwPNfNgCVJVYfMFovqDmA5UwgZMGCSsGAQQBgjcQBDGBhTCB gjB9MRMwEQYDVQQDDApKZW5zIEFsZmtlMRYwFAYDVQQKDA1UaGUgTW9vc2V5YXJkMQswCQYDVQQI DAJDQTELMAkGA1UEBhMCVVMxETAPBgNVBAcMCFNhbiBKb3NlMSEwHwYJKoZIhvcNAQkBFhJqZW5z QG1vb3NleWFyZC5jb20CAQEwgZUGCyqGSIb3DQEJEAILMYGFoIGCMH0xEzARBgNVBAMMCkplbnMg QWxma2UxFjAUBgNVBAoMDVRoZSBNb29zZXlhcmQxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzER MA8GA1UEBwwIU2FuIEpvc2UxITAfBgkqhkiG9w0BCQEWEmplbnNAbW9vc2V5YXJkLmNvbQIBATAN BgkqhkiG9w0BAQEFAASCAQA7fwnlmsGKlKYl8kOprbCe9+wlBKQONgPk4UDvLqVsihP64TaZlR3D jm1ru34cSiPFxQSQ0Lzw0J8uyVgfYjv4igza9brEG80/GiyjYrc/BXrvnJjHDNgbn+wJb906xEgK ImvkIviNThzNjSZGaRRqYTQZC8QHUgSZAB/Bx+j/rBzeDHgMpF+ld/Q9pExByee9qdS9EPd8tell +kv4VD2m0HsgzQhoBftukTqCpwJ13LKnCgKii23dmYPcvNGXcpOffkj0jdS2h4MYjvHwGIQS+Tuu dvdqa7xE9uypNyVLOS2eRlioxMKizY+ODPtGyoODIVpWS01Tb4dr7f2ZQYyjAAAAAAAA --Apple-Mail-63-496923537--