     SIGN(1)                                                   SIGN(1)

     NAME
          sign, verify, enroll, resign - document certification

     SYNOPSIS
          sign [ -n name ] [ file ]

          verify [ -s ] [ file ]

          enroll

          resign

     DESCRIPTION
          These routines provide a document-certification service.

          Sign reads a document from the file or from the standard
          input, demands a signing password for the current login id,
          and places on standard output a signed and dated copy of the
          document, with a cryptographic certificate attached.  The
          resulting document can be embedded in a larger one.  The
          option is

          -n name
               Set the signing name; its password will be demanded.

          Verify scans the file or the standard input for a certified
          document.  If the document and date are as they were when
          certified, except possibly indented, the verified document
          is placed on the standard output with a statement of
          verification attached.  The option is

          -s   Do not print the document; place only a statement of
               verification on the standard output.

          The signer of a document must be registered with the
          certification service; the recipient need not be.  Two
          commands handle registration:

          Enroll demands a signing password and registers it for the
          current login id.  It is unwise to use your login password.

          Resign demands the signing password and, if it is correct,
          terminates the registration for the current login id.

          A signed document and its date are tamperproof and thus are
          good for ordinary business purposes.  The mere appearance of
          a certificate, however, is not proof of authenticity.  That
          can be determined only by verify. The output of verify lacks
          a certificate; its authenticity cannot be attested at a
          later date.

          There is no notion of an `original' signed document; all
          copies are equally good and may be reverified at will.

          Signers must trust sign and recipients must trust verify not
          to have been tampered with on their respective machines.
          Both parties must trust the verification service, which is
          on a separate secure machine, and the communication channels
          to it.

     EXAMPLES
          sign <doc.raw >doc.cert

          verify <doc.suspect >doc.checked

          sign <letter | mail whomever
               The recipient can verify the letter from within mail(1)
               by using mail's pipe command: `|verify'.

     SEE ALSO
          notary(8)

     DIAGNOSTICS
          Verify yields exit status 0 only on successful verification.

          `Bogus' - the document has been tampered with, or the
          original password is no longer registered.
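
          An added example, not part of the original manual page: a
          shell wrapper that acts on verify's exit status, so that a
          redirect such as `verify <doc.suspect >doc.checked' cannot
          leave a plausible-looking output file behind after a failed
          verification.  The names accept_verified and VERIFY are
          hypothetical.

```shell
#!/bin/sh
# Added example; accept_verified and VERIFY are hypothetical names.
# VERIFY names the verifier to run. It defaults to the verify(1) command
# documented on this page and exists so the wrapper can be exercised
# with a stand-in when the certification service is not reachable.
VERIFY=${VERIFY:-verify}

# accept_verified SUSPECT DEST
# Write the verified document to DEST only if the verifier exits 0.
# Returns 0 on success, 1 on failed verification, 2 on usage or I/O error.
accept_verified() {
    [ $# -eq 2 ] || { echo "usage: accept_verified suspect dest" >&2; return 2; }
    suspect=$1
    dest=$2
    [ -r "$suspect" ] || { echo "cannot read $suspect" >&2; return 2; }

    # The shell creates a redirect target before the command runs, so
    # capture the output in a temporary file beside DEST and rename it
    # into place only after the exit status has been checked.
    tmp=$(mktemp "${dest}.XXXXXX") || return 2

    if "$VERIFY" <"$suspect" >"$tmp"; then
        mv "$tmp" "$dest" || { rm -f "$tmp"; return 2; }
        return 0
    fi

    # Non-zero exit status: discard whatever was written.
    rm -f "$tmp"
    echo "$suspect: verification failed; $dest not written" >&2
    return 1
}
```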

     BUGS
          Only one user with a given login name may be registered;
          thus the certification service cannot be extended too far.
          To minimize dependence on the certification service, no
          password check is made at signing.  A mistyped password will
          not show up until verification.