Signatures

A signature associates an artifact (descriptor, warrant, certificate, Jar) with a principal. It indicates that the principal either constructed the artifact, or approved of its construction.



Role of principal Signed artifacts
Service operator Warrant, descriptor
Netlet developer Descriptor, Jar files
Netlet owner Descriptor
Certification agency Descriptor, Jar files, certificates



Signature verification requires presence of the signer's public key. Keys are distributed in warrants, and optionally, in X.509 certificates (see Figure [*]). Keys are transmitted, for example, during the binding process.

The certificate used for verification is tied to the signature via the principals X.500 DN.



Ulf Leonhardt 2001-08-16