--- a/Overview-UseCases.xml Thu Dec 06 18:14:42 2012 -0500
+++ b/Overview-UseCases.xml Thu Dec 06 18:21:51 2012 -0500
@@ -150,13 +150,14 @@
<span class="comment">// Message generated by GB... the ellipsis are added. </span>
var cat = "qANQR1DBw04Dk2uPpEjcJT8QD/0VCfFK2XDM5Cg4iTRwmXrB+Pp8SMK5x09WkYqc... ";
- <span class="comment">/* 1. Generate an ArrayBufferView of the overall message.
+ <span class="comment">/**
+ 1. Generate an ArrayBufferView of the overall message.
2. Bit-manipulate this with the ArrayBufferView API to obtain the portion of bytes
constituting the signature as an ArrayBufferView, and the message as an ArrayBufferView.
3. Obtain the public key of GB from IndexedDB -- pubGBKeySign -- a step not shown here.
4. Verify the signature ... assume GB provides a method getSignature() to obtain a signature
from the server against which the message's signature can be verified.
- */</span>
+ **/</span>
var data = createArrayBufferView(cat);
var signature = extractSignature(data);
@@ -200,10 +201,10 @@
signer.onprogress = function(e){e.target.complete();}
signer.oncomplete = function(evt)
{
- <span class="comment">/* Combine signature and signed data into an ArrayBuffer
+ <span class="comment">/*
+ Combine signature and signed data into an ArrayBuffer
Use XHR to send signed data back...
Wait for auth token...
-
*/ </span>
}
}
@@ -218,10 +219,10 @@
</x:codeblock>
</div>
- His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate. Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following the authentication cycle describe above:</p>
+ His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate. Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following an authentication cycle such as the one described above:</p>
<ol>
- <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB. These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
- <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang. Such documents include confidential financial information. [<a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li>
+ <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB. These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#verify">VERIFY</a> | <a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
+ <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang. Such documents include confidential financial information. [<a href="#sign">SIGN</a> | <a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li>
</ol>
<p>If GB wishes to "cache" aspects of reusuable authentication code, but cannot avail of a code signing system, GB can employ a similar data integrity mechanism that the <a href="#data-integrity">social networking site uses</a>. Moreover, Jae-sang or GB may at any time reinitiate a key generation for subsequent transactions.</p>
</div>
--- a/Overview.html Thu Dec 06 18:14:42 2012 -0500
+++ b/Overview.html Thu Dec 06 18:21:51 2012 -0500
@@ -166,13 +166,14 @@
<span class="comment">// Message generated by GB... the ellipsis are added. </span>
var cat = "qANQR1DBw04Dk2uPpEjcJT8QD/0VCfFK2XDM5Cg4iTRwmXrB+Pp8SMK5x09WkYqc... ";
- <span class="comment">/* 1. Generate an ArrayBufferView of the overall message.
+ <span class="comment">/**
+ 1. Generate an ArrayBufferView of the overall message.
2. Bit-manipulate this with the ArrayBufferView API to obtain the portion of bytes
constituting the signature as an ArrayBufferView, and the message as an ArrayBufferView.
3. Obtain the public key of GB from IndexedDB -- pubGBKeySign -- a step not shown here.
4. Verify the signature ... assume GB provides a method getSignature() to obtain a signature
from the server against which the message's signature can be verified.
- */</span>
+ **/</span>
var data = createArrayBufferView(cat);
var signature = extractSignature(data);
@@ -216,10 +217,10 @@
signer.onprogress = function(e){e.target.complete();}
signer.oncomplete = function(evt)
{
- <span class="comment">/* Combine signature and signed data into an ArrayBuffer
+ <span class="comment">/*
+ Combine signature and signed data into an ArrayBuffer
Use XHR to send signed data back...
Wait for auth token...
-
*/ </span>
}
}
@@ -234,10 +235,10 @@
</code></pre></div></div>
</div>
- His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate. Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following the authentication cycle describe above:</p>
+ His browser presents this key every time he accesses the website and enters his password, which effectively binds his username and password to the generated private key and certificate. Additionally, Jae-sang can digitally sign online checks, authorize payments, and sign tax forms that he submits to the bank site using this generated key [<a href="#sign">SIGN</a>]. He can also perform the following tasks, following an authentication cycle such as the one described above:</p>
<ol>
- <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB. These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
- <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang. Such documents include confidential financial information. [<a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li>
+ <li><p>Receive documents from GB via HTTP that only he can read, with the assurance that they have come from GB and only GB. These include his private bank statements and tax documents, which are signed with his public key, already obtained in a previous step. [<a href="#verify">VERIFY</a> | <a href="#decrypt-pki">DECRYPT-PKI</a> | <a href="#decrypt">DECRYPT</a>]</p></li>
+ <li><p>Submit documents to GB that only GB can read, with the assurance that these have come from Jae-sang. Such documents include confidential financial information. [<a href="#sign">SIGN</a> | <a href="#encrypt-pki">ENCRYPT-PKI</a>]</p></li>
</ol>
<p>If GB wishes to "cache" aspects of reusuable authentication code, but cannot avail of a code signing system, GB can employ a similar data integrity mechanism that the <a href="#data-integrity">social networking site uses</a>. Moreover, Jae-sang or GB may at any time reinitiate a key generation for subsequent transactions.</p>
</div>