Common Security: CDSA and CSSM, Version 2
Copyright © 1999 The Open Group

Signed Manifests-The Architecture

Signed manifests describe the integrity and authenticity of a collection of digital objects, where the collection is specified as an acyclic connected graph with an arbitrary number of nodes representing arbitrary typed digital objects. Digital signaturing based on public key infrastructure is the basic integrity mechanism for manifests. The signed manifest is data type-agnostic allowing referents in the manifest to be other signed manifests or other types of signed objects.

Figure: Signed Manifest Architectural View

The signed manifest is built from the following components:

The manifest describes a collection of digital objects. It contains one or more manifest sections, where each section refers to one of the objects within the collection of objects being described. A section contains a reference to the object, attributes about the object, a list of digest algorithm identifiers that were used to digest the object, and a list of the associated digest values. The description is human-readable.
The signer's information describes a list of references to one or more sections of the manifest. Each reference includes a signature information section which contains a reference to a manifest section, a list of digest algorithms identifiers used to digest the manifest section, a list of digest values for each specified algorithm identifier, and any other attributes that the signer may wish to be associated with the manifest section. It is possible for a signer to sign only part of a manifest description. Using this structure, it is possible to add signer-specific assertions or attributes to the object being signed. This description is human-readable.
The signature block contains a signature over the signer's information. The signature block is encoded in the particular format required by the signature block representation, for example, for a PKCS#7 signature block, the encoding format is BER/DER.

The relationship of these components is shown in Relationships of Manifest, Signer's Info and Signature Block.

Figure: Relationships of Manifest, Signer's Info and Signature Block

These three objects must be zipped to form a single set of credentials. Multiple implementations of standard zip algorithms interoperate on one or more platforms, hence a zipped, signed manifest retains a substantial degree of interoperability.

The format used to describe both the manifest and the signer's information are a series of Name:Value pairs, (RFC 822). Binary data of any form is represented in base64. Continuations are required for binary data which causes line length to exceed 72 bytes. Examples of binary data are digests and signatures.

Click here to return to the publication details.

Contents

Next section

Index