Technical Details
For the technically curious, and because real security comes through careful protocol design, not obscurity, here are the technical details of what the notary does:
The document is hashed with MD5. The document is taken to be the lines of the notecard, in turn, separated by newline characters. The last line of the document is followed with the two characters ':0' (no trailing newline). This MD5 hash is the document-hash.
We rely on the mechanics of LSL's llDialog() call to ensure that when an avatar is signing a document and that no other avatar can do it for them.
Once all the signing and payment have been completed, a 'certificate of acknowledgment' is created. This is a short text that lists the document title, hash, signers, and notary details like time and place. This is the information that the notary is attesting to, and is public.
The notary agent, which is off-world, is contacted via a combination of e-mail and XML-RPC to transmit the certificate and get the notarization back. This notarization is actually an MD5 hash of the certificate signed with the notary's private RSA key.
This off-world communication is authenticated. The notary desk and the notary agent share a secret pass phrase used to hash a challenge, the certificate and the the communication address so that the off-world agent knows it is communicating with the real notary desk and that the content hasn't been altered. Note that none of the information transmitted is public: both the certificate and the notarization are public information, and so no encryption is needed.
The off-world notary agent keeps sequential log of all certificates signed. It keeps all the certificate details and the notarization, but not the documents.
All three parts, the document, the certificate and the notarization, are installed in a new notary receipt. This is the object that signers take and can use to verify the notarization.
Verifying a Receipt Out-of-World
If you want to, a notarization can be verified on your own computer. This will take some technical savvy and you will need access to an RSA implementation. The instructions here assume you are using a unix-like system (or Cygwin under Windows, or the command shell under Mac OS X) and that you have openssl installed.
1) Prepare the materials
You should have four text files:
- The document text stored in a file named document.
- The certificate text stored in a file named certificate.
- The notarization text stored in a file named notarization.
- The notarization signature stored in a file named signature.
All text files should use newline termination, and the last line should be terminated. Be extra careful when copying the document notecard text from SL to get the entire text, including any blank lines at the end of the notecard. Also, do not change any characters including white space like tabs or spaces at the ends of lines.
2) Get a copy of the notary's public key.
From the certificate, the line that starts 'notary-desk:' shows which notary key pair was used. You can find the public key from the list of keys in this document:
Copy the public key (include the lines with dashes) into a text file called 'key-pub'.
3) Verify the document
& echo -n ':0' | cat document - | openssl md5 > dd1
& grep document-digest certificate | cut -d ' ' -f 2 > dd2
& diff -q -s dd1 dd2
The two files, dd1 and dd2 should be identical, proving that the document is the same as the one named in the certificate.
4) Verify the certificate
& echo -n ':0' | cat certificate - | openssl md5 > cd1
& grep certificate-digest notarization | cut -d ' ' -f 2 > cd2
& diff -q -s cd1 cd2
The two files, cd1 and cd2 should be identical, proving that the certificate is the one named in the notarization.
5) Verify the notarization
& openssl base64 -d -in signature
| openssl rsautl -verify -inkey key-pub -pubin
| od -A n -t x1 | head -1 | tr -d ' ' > cd3
& diff -q -s cd2 cd3
The two files, cd2 and cd3 should be identical, proving that the notary signed the certificate named in the notarization.
Note: The first command is shown on three lines, but should be entered on one. The last line is a chain of three commands to convert the binary output of the verify operation into a hexadecimal string. Several other utilites can be used to do this with shorter command strings, but may or may not be available on your system:
xxd -p
or
hexdump -e '16/1 "%02x" "\n"'
or
perl -ne 'print unpack("H*", $_), "\n"'