Jeff's Digital Notary

---

Version:	0.5
Author:	Jeffrey Clement
Status:	Active

A web-based digital notary service. Written in Python allows you to setup your own digital notary really quickly. It uses GPG for all signing.

Project Description

1. What is it?

This software is a web based application for running a Digital Notary.

2. Admins: Setting up your own notary

2.1. Install Python 2.2 and GnuPG on your server

The Notary program is written in Python and uses GnuPG for encrypted. Make sure your system has both of these packages installed.

2.2. Generate a new GnuPG key for your notary

I wouldn't suggest using your personal key just in case it is compromised.

Listing #1
1.   $ gpg --gen-key

Make sure to pick a good pass-phrase and all that stuff

2.3. Unzip the notary package and configure it

In the files shipped with the notary there is MainServer.cfg. This is the notary server config file. Edit this with your favorite editor. The file will look like this:

Listing #2
1.   # =====================================================================
2.   #  Jeff's Digital Notary Config File
3.   #
4.   # Make changes to the options below to setup your notary.
5.   # =====================================================================
6.   
7.   [server]
8.   # which port should the notary server listen to?  If you want it to bind
9.   # to a port < 1024 you will have to run the server as root.  This isn't
10.  # recommended.
11.  socketPort=8000
12.  
13.  # should server be multithreaded?  Usually leave as Yes unless you are
14.  # running the server behind a real server like Apache
15.  # threading = 1 or 0
16.  threading=1
17.  
18.  # should this server support XMLRPC?  XMLRPC allows remote programs to
19.  # call the signing functions without using a web browser.  Usually leave
20.  # this set to 1 (on).
21.  xmlRpc=1
22.  
23.  # log file
24.  logFile=logs/access.log
25.  
26.  [signer]
27.  # This is a text file containing the message you would like to place in
28.  # the signed message.  (if commented out, default text will be used)
29.  #messageFile=message.txt
30.  
31.  [gpg]
32.  # UserID (email address/keyid) of GPG key used for signing.  If commented
33.  # out then the default key will be used.
34.  #uid=jclement@calgary.linux.ca
35.  
36.  # Password for GPG key used for signing.  I would suggest not putting it
37.  # in here and instead typing it in yourself on server startup.  This
38.  # will make it a bit more difficult for people to steal your password.
39.  #password=secret123

2.4. Start the server

Now we can startup the server

Listing #3
1.   $ python MainServer.py

You may need to type in the password for your GPGKey if you didn't supply it in the config file (don't do this over telnet or rsh!).

Now test the server by visiting http://localhost:port/.

3. Notes

• This setup requires that users of your notary trust you. For example: Since I have the password for my Private key I can easily forge messages and sign them. The users must trust me not to.

4. Todo

• More configurable UI
• Write some clients for it

Requirements

• Python 2.1+
• GnuPG
• CherryPy 0.8+

Links

• http://notary.bluesine.com
  Bluesine Notary - Run by me (try it out)

License

This software is licensed under the MIT license. Please make sure you have read and understood this license before downloading this software!

Copyright (c) 2003 Jeffrey Clement

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Downloads

File	Size	Last Modified
ChangeLog	0.00 kb	Thu Sep 23 06:16:05 2004
notary-0.5-src.tar.gz	64.60 kb	Thu Sep 23 06:16:06 2004
notary-0.5-src.tar.gz.asc	0.18 kb	Thu Sep 23 06:16:05 2004
notary-snapshot.tar.gz	63.67 kb	Thu Sep 23 06:16:06 2004