Changes between Version 2 and Version 3 of SignatureCheck

Timestamp:

Feb 7, 2021, 10:51:27 PM (4 years ago)

Author:

4juergen

Comment:

--

SignatureCheck

@@ -2 +2 @@
 
 [http://renew.de Renew] is a high-level Petri net simulator written in Java.
-This file tells you the most rudimentary information about Renew.
-It should suffice to get Renew running and to extract the full documentation from the archives.
+
+Signed Renew contains two plugins which are not included in the normal Renew release.
+The two Plugins are the SignatureCheck Plugin and the NetSigner Plugin.
+Both Plugins use signatures to build trust between the author of a work and the product.
+The SignatureCheck Plugin does this for Plugins and the NetSigner Plugin for Nets.
 
 '''Here we provide a download for reviewers: TODO'''
@@ -30 +33 @@
   java -p .:libs -m de.renew.loader gui
 
+Windows needs a slightly different command:
+
+  java -p ".;libs" -m de.renew.loader gui
+
 The documentation contains a few hints on alternative commands or settings to start the application.
+
+== SignatureCheck Plugin ==
+The SignatureCheck Plugin ensures that only signed plugins get loaded.
+This is useful, if the plugin gets distributed over an unsecure channel, for example a server which is not under the control of the author.
+
+The plugin uses OpenPGP signatures generated by [https://docs.gradle.org/current/userguide/signing_plugin.html Gradles Signing Plugin].
+The signatures are compatible with the format required by the [http://central.sonatype.org/pages/requirements.html#sign-files-with-gpgpgp Maven Central Repository].
+
+Signed Plugins can not be modified by untrusted third parties.
+This makes it possible that the plugin can be stored on a server, which isn't in the control of the plugin author.
+
+Which authors are trustworthy can be decided by the user.
+Only plugins from these authors will be loaded.
+
+Using only plugins, which are linked via a signature to trusted authors provides security advantages.
+Unknown third parties can't disguise themself as trusted authors.
+
+== NetSigner Plugin ==
+Renews Net Drawings can contain Java code.
+This code will be executed in simulations and can do changes to the computer on which the code runs.
+There should be a straightforward way to know who wrote the Java code inside the Net, so a user can decide if they trust the author.
+The NetSigner Plugin can provide this information.
+
+This plugin uses X.509 Certificates to check the identity of a user.
+Every user who wants to sign a Net Drawing needs a X.509 a Code Signing Certificate or a personal E-Mail Certificate.
+
+Signed nets provide information about who signed it.
+So a user can check that the file comes from the right author, even when the file was transmitted over an untrusted way (for example a file host website, an unencrypted E-Mail or any third person).
+The verification of the identity comes from a trusted Certificate Authority (CA).
+The author verified it's identity to the CA and the programm has a list of CAs that are trustworthy.
+It is the same technology which is used by signed executables (executables or installers which show a Company name in the admin privilige Screen on Windows).
+
+It also protects the file from manipulation.
+The signature contains a hash (checksum) over the Net.
+So nobody can modify the Net without breaking the signature.
+A storage or transmittion error can also be detected as manipulation, but cannot be fixed by this format.
 
 == Further reading ==