register - command to register set-top-box identity with
signer
Register is intended for use on a set top box (or similar
device). It connects to signer, a machine configured to sign
certificates, and obtains an authenticated certificate based on the contents
of (the set top box ID in non-volatile memory). The certificate is saved in
the file for later use. If no signer is named explicitly, the
$SIGNER named in db (6) is used instead.
There are several phases to obtaining the certificate.
- 1.
- The register command interacts with signer (8) on the signing host
to construct the certificate. This certificate is `blinded' by a random
bit mask, sent back to register which displays it in textual or
graphical form to the user.
- 2.
- The user running register must use an independent, secure mechanism
(for example, an untapped telephone call) to communicate with a human
agent at the site acting as signer. That agent runs verify
(see signer (8)) to display the same `blinded' certificate that was
shown to register's user at the client. Once the agent is convinced
that the `blinded' certificate has been delivered to the correct party,
the agent tells verify to accept the identity of the caller.
- 3.
- Register then connects to the countersigner process (see
signer (8)) to obtain the bitmask needed to `unblind' the previously
received certificate. This step can only validly be performed after the
successful completion of verify on the signer.
- /nvfs/ID
- File emulating set top box-id in ROM.
- /nvfs/default
- Repository of authenticated certificate.
- /services/cs/db
- Default definition of `signer' host.