ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalz_5.4.0.1/rzalzverifysigprocess.htm

76 lines
4.7 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Signature verification processing" />
<meta name="abstract" content="Learn how the process of verifying an object signature works and what parameters you can set for the process." />
<meta name="description" content="Learn how the process of verifying an object signature works and what parameters you can set for the process." />
<meta name="DC.Relation" scheme="URI" content="rzalzobjconcepts.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="verifysigprocess" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Signature verification processing</title>
</head>
<body id="verifysigprocess"><a name="verifysigprocess"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Signature verification processing</h1>
<div><p>Learn how the process of verifying an object signature works and
what parameters you can set for the process.</p>
<div class="p">You can specify the following options for signature verification processing.
<dl><dt class="dlterm">Error processing</dt>
<dd>You can specify what type of error processing the application is to use
when verifying signatures on more than one object. You can specify that the
application either stop verifying signatures when an error occurs or continue
verifying signatures on any other objects in the process.</dd>
<dt class="dlterm">Objects in subdirectories</dt>
<dd>You can specify how the application is to handle verifying signatures
on objects in subdirectories. You can specify that the application individually
verify signatures on objects in any subdirectories or that the application
only verify signatures for those objects within the main directory while ignoring
all subdirectories.</dd>
<dt class="dlterm">Core versus entire signature verification</dt>
<dd>There are system rules that determine how the system is to handle core
and entire signatures on objects during the verification process. These rules
are as follows: <ul><li>If there are no signatures on the object, the verify process reports the
object is not signed and continues verifying any other objects in the process.</li>
<li>If the object was signed by a system trusted source (IBM<sup>®</sup>), the signature
must match or the verification process fails. If the signature matches, the
verification process continues. The signature is an encrypted mathematical
summary of the data in the object; therefore, the signature is considered
to match if the data in the object during verification matches the data in
the object when it was signed.</li>
<li>If the object has any entire object signatures that are trusted (based
on certificates contained in the *SIGNATUREVERIFICATION certificate store),
at least one of these signatures must match or the verification process fails.
If at least one entire object signature matches, the verification process
continues. </li>
<li>If the object has any core object signatures that are trusted, at least
one of these must match a certificate in the *SIGNATUREVERIFICATION certificate
store or the verify process fails. If at least one core object signature matches
the verification process continues.</li>
</ul>
</dd>
</dl>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalzobjconcepts.htm" title="Use this concept and reference information to learn more about digital signatures and the object signing and signature verification processes work.">Object signing concepts</a></div>
</div>
</div>
</body>
</html>