Collaborate Disseminate
Our company provides software to small businesses and includes an electronic signature system for them to let their customers sign agreements/documents online.
The current system’s claims to non-repudiation are reliant mainly on our compan… Continue reading Improve non-repudiation implementation for electronic signatures
Bitcoin is a pioneer in technological advancement and decentralization. As its creator states in the white paper, peer-to-peer… Continue reading How Bitcoin’s digital signature feature facilitates Web3 adoption
My Dell XPS 9310 has secure boot enabled and the BIOS is up to date and there are no manual keys added there.
Can I download a ubuntu .ISO from anywhere and flash into any computer without worrying about malwares? Will it boot the USB driv… Continue reading Do I need to verify a .ISO before flashing, if my laptop has secure boot?
We recently adopted Sigstore to do signing of our binary artifacts using a keyless approach. The framework allows to use the OIDC token provided by the EKS cluster (https://docs.sigstore.dev/certificate_authority/oidc-in-fulcio/#kubernetes… Continue reading Using keyless signing from sigstore cosign
I was thinking about how to ensure the authenticity of Node.js packages that are installed from a public registry like npmjs.com. The only mechanisms (optionally) in place to my understanding are:
ECDSA registry signatures. Which to my un… Continue reading How can authenticity be ensured for Node.js packages when using a public registry like npmjs.com?
I was looking to verify the digital signature (if any) on the openssl3.3.1.tar.gz download from OpenSSL. The "PGP sign" link has nothing behind it (thought it’d have an asc or sig file).
I was able to checksum the hash on the dow… Continue reading openssl tar download, verifying the signature [closed]
I have just started to study the TLS 1.2 protocol and would like to know what checks are performed on the client side by the browser when checking the server certificate. I would be glad if you could describe it in as much detail
Continue reading TLS Server Certificate Validations 1.2 [duplicate]
In the last days I have seen two apparent "breaches" of Docusign’s security. Neither are good evidence, but they illustrate the point:
Wall Street Millennial’s youtube review of Joonko’s fraud said "Raz created fake contrac… Continue reading What sort of security does Docusign provide?
We have received an electronically signed GDPR data request from a person who has only provided his name and surname. We wanted to be sure that this person is who he claims he is, so we have asked to additionally provide his national ID nu… Continue reading Is electronic signature a proper/sufficient mean for identification/authentication?
Do digital signatures still get stored after validating a transaction for a blockchain ?
I would assume it gets dumped after validation and only the message/data is stored.
Additional info on this scenario:
Private blockchain (PoA consens… Continue reading Does blockchain store digital signatures