Quote:
Keys sign the file.
Could this be done by appending a file itself?
...Possibly. But that would change the SHA-1 hash after every append
There has to be something I missed. Where would signatures go?
|
My suggestion was to make signatures separate files. The description line for a signature file is something like SHA1(signed content)+" signed by "+SHA1(public key of signer), and the content of the signature file is the signature itself. One could generalize this to support certificates that rate files or bind names to keys.
The problem with this is that individual signatures (or certificates) are pretty unpopular items, so they might be hard to find using Gnutella. One way to fix it is to "piggyback" signature files on content files, so that they move around together. Unfortunately, if there are many signatures for a given content file, this is not practical.
Another solution is to observe that each individual only cares about singatures by the people they trust. Therefore, each person should store their own signature files (certificates). People who trust one another can also store each other's certificates. This way, a group of mutually-trusting individuals can efficiently find each another's certificates.
Quote:
Also.. what about signing to prove you were the one who ripped the file? (I would like to show that "I did this", I don't care much about the RIAA. It should be an option, as far as I know). Can a key carry an "original" tag if nobody else has signed it yet. I suppose so...
|
You can't really prove that you ripped the file and someone else didn't -- at least not without a full-blown digital rights management system (which is exactly what the RIAA wants to control the dissemination of digital music). However, you can certainly create the digital statement "I did this". Trouble is, someone else could create the same statement. The fix to this is to sign your statement with a key that other people know only belongs to you. This is the general problem that PKIs try to solve.
The basic idea is to publish your public key under a well-known name (like your email address). Your friends also sign certificates saying "Yeah, this email address is bound to that key". Other people who need to find your key look for one of these name-binding certificates signed by someone they trust (this is basically how PGP's web of trust works, though I omitted some details). You could imagine richer "digital identity systems" that bind stuff like your real name, social security number, and even digital picture to your public key. These certificates would be signed by well-known government or corporate entities, and so could be used in various secure digital applications.
Are we offtopic enough yet?