A signature associates an artifact (descriptor, warrant, certificate, Jar) with a principal. It indicates that the principal either constructed the artifact, or approved of its construction.
Role of principal | Signed artifacts |
---|---|
Service operator | Warrant, descriptor |
Netlet developer | Descriptor, Jar files |
Netlet owner | Descriptor |
Certification agency | Descriptor, Jar files, certificates |
Signature verification requires presence of the signer's public key.
Keys are distributed in warrants, and optionally, in X.509 certificates
(see Figure ). Keys are transmitted, for example,
during the binding process.
The certificate used for verification is tied to the signature via the principals X.500 DN.