[sword-devel] encryption and integrity checking.

Manfred Bergmann bergmannmd at web.de
Wed Mar 11 02:44:17 MST 2009


Just a thought.

What about signing the module with a private key.
Every frontend has to have the public key included somewhere hidden.
This would enable an integrity check.


Manfred


Am 11.03.2009 um 09:04 schrieb Peter von Kaehne:

> One of the problems which has come up again and again when discussing
> with publishers has been the worry that texts which are released to
> CrossWire become an easy target for abuse - either commercial abuse  
> with
> texts of some commercial importance or, more worrying to me at least -
> manipulation of texts by cults and other entities.
>
> What possible solutions could we offer to provide text encryption and
> integrity checking in a plausible way which would not violate GPL and
> goes beyond our current practice of simply incorporating a key into  
> the
> conf files?
>
> This is a serious and important question. I am aware of several texts
> which we did not get or where people hesitate because this is not
> possible right now.
>
> Peter
>
> _______________________________________________
> sword-devel mailing list: sword-devel at crosswire.org
> http://www.crosswire.org/mailman/listinfo/sword-devel
> Instructions to unsubscribe/change your settings at above page




More information about the sword-devel mailing list