signature publication management #25
Comments
|
I'm a little rusty on the process right now, but I believe that gets bundled up into the master hash that gets published in the blockchain, right? I might be mistaken, so don't hesitate to call me out :) |
|
Hey @ppsirg You’re right to bring this up. A colleague of mine is actually working on a web interface that will make this whole process simpler. More details on the way, in the mean time… There are a number of ways of completing step 7 depending on how much data you want to commit to the blockchain. Some people may not be comfortable hashing all of the items listed in section 6 (for example a picture, if hosted publicly, presents privacy issues). The quickest way:
Note: Depending on the software you use some will produce detached signatures giving you two hashes like the one we did in the demo: BN_PASSPORT_TEMPLATE_2.png Because CryptoGraffiti puts all the data in to one transaction it doesn’t matter too much. More detailed method:
This is more involved. The advantage to using a JSON file at step 1 is that it will make your ID card ‘headless’. That means the new citizen can change the design later if they want to and as long as the data on the ID card is consistent it will all match the blockchain entry. One Hash For All Files This is where things get more complex. I did a demonstration using a simple Python script in France last year to show how it can be done: https://gist.github.com/MrChrisJ/e0f8551d0a276dc0bbd8 This way you have a merkle root and as long as you publish the documentation of how you arrived at the final hash etc then anyone can simply repeat the process to confirm. There are many other people working on this problem and the ideal situation is some kind of open standard that everyone adheres to. I am busy on another project right now but I plan to revisit this one in the next 4-6 weeks. Any other questions please let us know. I will do my best to clean up the current read me, pull requests welcome :) |
|
@MrChrisJ is more clear now what proof of publication means(the hash that is pubhished is the one of the signature in order to verify that), and proofofexistence.com service makes more easy, so files publication can not be that safe at all(i mean, you can publish them encrypted if a *.tar.bz file or something like that), i was interested because i did a little implementation of World-Citizenship for Coinfest Bogota attendees registration, you can find it here http://bit.ly/1DKzG2H, i did'nt proof of publication because it was a little confusing, im a total noob in github and collaboration (i have only worked on bitbucket doing privative software), i will try to submit pull request, but im kind of confused about how to. thanks for your work and thanks all contributors for their work as well |
hello, files like images and json data are signed in order to detect any possible change, but document doesnt say when or how those signatures must be published or if they sould be published or not, but remember that signatures publication are more important that hash publication, you can always create a new hash knowing the hashing algorithm was used to create the signature and verify data with signature and public file
The text was updated successfully, but these errors were encountered: