Answer the question
In order to leave comments, you need to log in
E
E
exmate2021-02-19 17:56:07
exmate, 2021-02-19 17:56:07
How to organize the signing of a document by hundreds of people using self-validated EDS?
Good afternoon Dear IT-shniki.
I will describe the problem first.
In a fictitious country, W. issue some international documents that allow you to drive huge machines around the world. These documents must be renewed every 5 years. The cunning rulers of the U. country came up with the idea of taking baksheesh in the amount of 4 kue to 15 kue (depending on the vehicle being driven and your position). The problem is not even baksheesh, because. in another country, R. is also taken, but in the fact that without baksheesh it is now impossible to confirm your knowledge from the word it’s already been two years since (for 20 ++ years I have never paid anyone).
So, there is an international organization that can terminate these 100% purchased diplomas. Approximately 80% of workers are for taking out rubbish from the hut, because after 6 months of struggle the situation has not changed - our rulers are simply laughing at us. Many do it individually. But as you understand, the majority do not want to shine their position, because you can lose your job, since confirming knowledge in another country is still a hemorrhoid.
Task: organize the signing of the petition by self-signed ECRs. Moreover, so that I can remove the left signatures, except for those who send me a photo of themselves, their diploma and the hash of the public key.
Many people are far from the EDC, my knowledge is enough to write a simple console program with a key generator call for the simplest possible procedure.
So far I'm thinking in the direction of a simple site with a call via CGI: 1 - to check against the key database, which I will entrust signing the document (I'm going to sign the PDF). 2 - to call the utility to sign this PDF. A long time ago I studied PCP - so I think that I will master or hire someone who finished my studies :).
Am I right or is there a simpler method?
Thank you for any help in the fight against lawlessness.
3 answer(s)
@rPman
@exmate
It is necessary to organize the collection of document signatures on the site. I would like the signatures to be embedded (as in PDF, let's say) and not a bunch of files (assuming over 1000 signatures) with an encoded hash.
Let's say I'm going to collect a database with pictures of people, their documents against the background of their key prints and their public key, so that no one can sign the file. On the site, these data will be verified when signing the document.
The problem is that in order to sign the file, in theory, you need to upload it to the client's computer and sign it with a private key. At this time, all operations with this file will have to be slowed down (I want to store signatures inside the file).
As a way out of the problem, I'm going to upload the user's secret key (one hell, it was self-generated by the user himself specifically for signing this document, which will be indicated in the comment field in the certificate).
Is there a more elegant solution to this problem?
Threat - I understand children's questions, I'm far from this topic. As they say in the army - I read and translate with a dictionary;)
R
rPman, 2021-02-19 @rPman
The problem is exclusively in the political and legal field
. You will not solve it by any technical means. Yes, you can sign anything, but without the official acceptance of this signature and the algorithm for installing it (including what happens outside the computer, for example, the identity verification process, the control process, etc.) it is worth nothing.
Of course, you can do all this, but they will listen to you in the same way as if you did not.
All the necessary tools are in the openssl package, it is also available under windows in a bunch of implementations
E
exmate, 2021-02-21 @exmate
The description of the problem is unclear - a lot of unnecessary words for nothing. Some countries, some people, petitions.
What is at stake and what is needed is not clear.
It is necessary to organize the collection of document signatures on the site. I would like the signatures to be embedded (as in PDF, let's say) and not a bunch of files (assuming over 1000 signatures) with an encoded hash.
Let's say I'm going to collect a database with pictures of people, their documents against the background of their key prints and their public key, so that no one can sign the file. On the site, these data will be verified when signing the document.
The problem is that in order to sign the file, in theory, you need to upload it to the client's computer and sign it with a private key. At this time, all operations with this file will have to be slowed down (I want to store signatures inside the file).
As a way out of the problem, I'm going to upload the user's secret key (one hell, it was self-generated by the user himself specifically for signing this document, which will be indicated in the comment field in the certificate).
Is there a more elegant solution to this problem?
Threat - I understand children's questions, I'm far from this topic. As they say in the army - I read and translate with a dictionary;)
Similar questions
M
D
V
H
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question