Collaborate Disseminate
We are considering to build a Windows application that is split in 2 parts:
one Windows service
some Add-Ins for Microsoft Office, Microsoft Management Console (MMC) and PowerShell.
Additional info:
The service and the Add-Ins are digit… Continue reading How to authenticate an Add-In on interprocess communication?
Two questions on signatures.
I am trying to understand the various types of "trust signature". The man page says, "For more information please read the sections “Trust Signature” and “Regular Expression” in RFC-4880."… Continue reading Validity, Owner Trust, Trust Signatures & Certification Level
In the SSH spec, Section 7.1, key exchange algorithms are distinguished based on whether they require an "encryption-capable" or a "signature-capable" host key algorithm.
If I understood their details correctly, the wel… Continue reading Examples of SSH key exchange algorithms requiring encryption-capable host keys
There’s something I don’t understand about signatures in Google Maps APIs.
The documentation says "We strongly recommend that you use both an API key and digital signature, regardless of your usage". In this case we are talking a… Continue reading What’s the purpose of signatures in Google Maps APIs?
I am working on an application where the general approach is signing most response payloads with HMAC, but there are a couple of endpoints that return text/event-stream in the response. What is the common approach in such cases?
What is the secure way to support dev mode and production modes on embedded systems that support digital signing. Dev mode will skip signature verification.
Having created a certificate for electronic signing within Adobe Acrobat DC, can I authenticate documents signed using it by issuing a signed paper statement to recipients stating that it would be authentic if the properties of the e-signa… Continue reading Authenticating Adobe .pdf electronic signatures
Most tutorials on the net only mention sending the digital signature attached to the document, but without the digital signature certificate, it’ll be impossible for receivers to verify the signature. I’m assuming that the digital certific… Continue reading How is the digital certificate sent alongside digital signatures?
Several sites, like this states that
You can obtain a digital signature from a reputable certificate
authority such as Sectigo
But digital signature is something you create using a piece of text and your private key using a signing algor… Continue reading Why is it said that we can obtain a digital signature from a CA when all we obtain from the CA is a certificate?
I have a table in my database where I store records to be processed later (basically orders that need to be invoiced or something similar, but this is not the important part).
Since this software runs on-premises, admins control the databa… Continue reading Sign records in a database