76 lines
4.7 KiB
HTML
76 lines
4.7 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Signature verification processing" />
|
||
|
<meta name="abstract" content="Learn how the process of verifying an object signature works and what parameters you can set for the process." />
|
||
|
<meta name="description" content="Learn how the process of verifying an object signature works and what parameters you can set for the process." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzalzobjconcepts.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="verifysigprocess" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Signature verification processing</title>
|
||
|
</head>
|
||
|
<body id="verifysigprocess"><a name="verifysigprocess"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Signature verification processing</h1>
|
||
|
<div><p>Learn how the process of verifying an object signature works and
|
||
|
what parameters you can set for the process.</p>
|
||
|
<div class="p">You can specify the following options for signature verification processing.
|
||
|
<dl><dt class="dlterm">Error processing</dt>
|
||
|
<dd>You can specify what type of error processing the application is to use
|
||
|
when verifying signatures on more than one object. You can specify that the
|
||
|
application either stop verifying signatures when an error occurs or continue
|
||
|
verifying signatures on any other objects in the process.</dd>
|
||
|
<dt class="dlterm">Objects in subdirectories</dt>
|
||
|
<dd>You can specify how the application is to handle verifying signatures
|
||
|
on objects in subdirectories. You can specify that the application individually
|
||
|
verify signatures on objects in any subdirectories or that the application
|
||
|
only verify signatures for those objects within the main directory while ignoring
|
||
|
all subdirectories.</dd>
|
||
|
<dt class="dlterm">Core versus entire signature verification</dt>
|
||
|
<dd>There are system rules that determine how the system is to handle core
|
||
|
and entire signatures on objects during the verification process. These rules
|
||
|
are as follows: <ul><li>If there are no signatures on the object, the verify process reports the
|
||
|
object is not signed and continues verifying any other objects in the process.</li>
|
||
|
<li>If the object was signed by a system trusted source (IBM<sup>®</sup>), the signature
|
||
|
must match or the verification process fails. If the signature matches, the
|
||
|
verification process continues. The signature is an encrypted mathematical
|
||
|
summary of the data in the object; therefore, the signature is considered
|
||
|
to match if the data in the object during verification matches the data in
|
||
|
the object when it was signed.</li>
|
||
|
<li>If the object has any entire object signatures that are trusted (based
|
||
|
on certificates contained in the *SIGNATUREVERIFICATION certificate store),
|
||
|
at least one of these signatures must match or the verification process fails.
|
||
|
If at least one entire object signature matches, the verification process
|
||
|
continues. </li>
|
||
|
<li>If the object has any core object signatures that are trusted, at least
|
||
|
one of these must match a certificate in the *SIGNATUREVERIFICATION certificate
|
||
|
store or the verify process fails. If at least one core object signature matches
|
||
|
the verification process continues.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalzobjconcepts.htm" title="Use this concept and reference information to learn more about digital signatures and the object signing and signature verification processes work.">Object signing concepts</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|