Next: Communication sessions Up: Naming and certification Previous: Authentication Contents Index
A signature associates an artifact (descriptor, warrant, certificate, Jar) with a principal. It indicates that the principal either constructed the artifact, or approved of its construction.
| Role of principal | Signed artifacts |
|---|---|
| Service operator | Warrant, descriptor |
| Netlet developer | Descriptor, Jar files |
| Netlet owner | Descriptor |
| Certification agency | Descriptor, Jar files, certificates |
Signature verification requires presence of the signer's public key.
Keys are distributed in warrants, and optionally, in X.509 certificates
(see Figure ![[*]](crossref.png)
). Keys are transmitted, for example,
during the binding process.
The certificate used for verification is tied to the signature via the principals X.500 DN.