[Top] [Prev] [Next]

verify - command to authenticate receiver of blinded certificate

lib/verify set-top-box-id

Description

The verify command is used at a 'signer' server to extract information from the /keydb/signed/set-top-box-id file previously created by the signer daemon. That information consists of the previously crafted authentication certificate and the 'blinded' version of the certificate that was sent to the requesting client.

The verify command displays the 'blinded' version textually or graphically, as appropriate, so that it can be compared to that reported by the set-top-box owner over a secure independent mechanism (for example, telephone). If the operator of verify is convinced of the identity of the caller, the operator should reply affirmatively when prompted for acceptance.

If the owner's identity is accepted, the verify command writes the authentication certificate to the /keydb/countersigned/set-top-box-id file, input for the countersigner daemon.


NOTE:

After the operator of verify accepts the identity, the set-top-box owner should be informed to respond affirmatively to the prompt being displayed by the register command. The order of acceptance (first on the signer host) then on the client is important.


Files
/keydb/signed/set-top-box-id

/keydb/countersigned/set-top-box-id

See Also
signer, countersigner - daemons for set-top box authentication

register - command to register set-top-box identity with signer



[Top] [Prev] [Next]

infernosupport@lucent.com
Copyright © 1996,Lucent Technologies, Inc. All rights reserved.