Mercurial > hg > webcrypto-usecases / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset
Cleaned up banking example including spacing
author"arangana <arun@mozilla.com>"
Thu, 06 Dec 2012 18:21:51 -0500
changeset 8 05e48152d15c
parent 7 7fd50810ea87
child 9 55366feb64c4
Cleaned up banking example including spacing
Overview-UseCases.xml
Overview.html 
--- a/Overview-UseCases.xml	Thu Dec 06 18:14:42 2012 -0500
+++ b/Overview-UseCases.xml	Thu Dec 06 18:21:51 2012 -0500
@@ -150,13 +150,14 @@
         <span class="comment">// Message generated by GB... the ellipsis are added. </span>
         var cat = "qANQR1DBw04Dk2uPpEjcJT8QD/0VCfFK2XDM5Cg4iTRwmXrB+Pp8SMK5x09WkYqc... ";
 
-        <span class="comment">/* 1. Generate an ArrayBufferView of the overall message.
+        <span class="comment">/** 
+          1. Generate an ArrayBufferView of the overall message.
           2. Bit-manipulate this with the ArrayBufferView API to obtain the portion of bytes 
           constituting the signature as an ArrayBufferView, and the message as an ArrayBufferView.
           3. Obtain the public key of GB from IndexedDB -- pubGBKeySign -- a step not shown here.
           4. Verify the signature ... assume GB provides a method getSignature() to obtain a signature
              from the server against which the message's signature can be verified.
-          */</span>
+          **/</span>
 
         var data = createArrayBufferView(cat);
         var signature = extractSignature(data);
@@ -200,10 +201,10 @@
             signer.onprogress = function(e){e.target.complete();}
             signer.oncomplete = function(evt)
             {
-            <span class="comment">/* Combine signature and signed data into an ArrayBuffer
+            <span class="comment">/* 
+                                     Combine signature and signed data into an ArrayBuffer
                                      Use XHR to send signed data back...
                                      Wait for auth token...
-
                                   */ </span>
             }
         }
@@ -218,10 +219,10 @@
        </x:codeblock>
       </div>
 
-      His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate.  Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following the authentication cycle describe above:</p>
+      His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate.  Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following an authentication cycle such as the one described above:</p>
       <ol>
-        <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB.  These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
-        <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang.  Such documents include confidential financial information. [<a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li> 
+        <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB.  These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#verify">VERIFY</a> | <a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
+        <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang.  Such documents include confidential financial information. [<a href="#sign">SIGN</a> | <a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li> 
       </ol>
       <p>If GB wishes to "cache" aspects of reusuable authentication code, but cannot avail of a code signing system, GB can employ a similar data integrity mechanism that the <a href="#data-integrity">social networking site uses</a>.  Moreover, Jae-sang or GB may at any time reinitiate a key generation for subsequent transactions.</p>
     </div>
--- a/Overview.html	Thu Dec 06 18:14:42 2012 -0500
+++ b/Overview.html	Thu Dec 06 18:21:51 2012 -0500
@@ -166,13 +166,14 @@
         <span class="comment">// Message generated by GB... the ellipsis are added. </span>
         var cat = "qANQR1DBw04Dk2uPpEjcJT8QD/0VCfFK2XDM5Cg4iTRwmXrB+Pp8SMK5x09WkYqc... ";
 
-        <span class="comment">/* 1. Generate an ArrayBufferView of the overall message.
+        <span class="comment">/** 
+          1. Generate an ArrayBufferView of the overall message.
           2. Bit-manipulate this with the ArrayBufferView API to obtain the portion of bytes 
           constituting the signature as an ArrayBufferView, and the message as an ArrayBufferView.
           3. Obtain the public key of GB from IndexedDB -- pubGBKeySign -- a step not shown here.
           4. Verify the signature ... assume GB provides a method getSignature() to obtain a signature
              from the server against which the message's signature can be verified.
-          */</span>
+          **/</span>
 
         var data = createArrayBufferView(cat);
         var signature = extractSignature(data);
@@ -216,10 +217,10 @@
             signer.onprogress = function(e){e.target.complete();}
             signer.oncomplete = function(evt)
             {
-            <span class="comment">/* Combine signature and signed data into an ArrayBuffer
+            <span class="comment">/* 
+                                     Combine signature and signed data into an ArrayBuffer
                                      Use XHR to send signed data back...
                                      Wait for auth token...
-
                                   */ </span>
             }
         }
@@ -234,10 +235,10 @@
        </code></pre></div></div>
       </div>
 
-      His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate.  Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following the authentication cycle describe above:</p>
+      His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate.  Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following an authentication cycle such as the one described above:</p>
       <ol>
-        <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB.  These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
-        <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang.  Such documents include confidential financial information. [<a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li> 
+        <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB.  These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#verify">VERIFY</a> | <a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
+        <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang.  Such documents include confidential financial information. [<a href="#sign">SIGN</a> | <a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li> 
       </ol>
       <p>If GB wishes to "cache" aspects of reusuable authentication code, but cannot avail of a code signing system, GB can employ a similar data integrity mechanism that the <a href="#data-integrity">social networking site uses</a>.  Moreover, Jae-sang or GB may at any time reinitiate a key generation for subsequent transactions.</p>
     </div>
webcrypto-usecases

Hosted by W3C Systems Team, please report bugs to sysreq@w3.org