Re: Digital signing of printed documents

To: debian-user@lists.debian.org
Cc: Dave Howorth <dhoworth@mrc-lmb.cam.ac.uk>
Subject: Re: Digital signing of printed documents
From: Alphonse Ogulla <aogulla@gmail.com>
Date: Tue, 5 Jul 2005 18:11:22 +0300
Message-id: <[🔎] c258237605070508116e29e41@mail.gmail.com>
Reply-to: Alphonse Ogulla <aogulla@gmail.com>
In-reply-to: <[🔎] 42C94356.5010100@mrc-lmb.cam.ac.uk>
References: <[🔎] c2582376050704054221c63c23@mail.gmail.com> <[🔎] 42C94356.5010100@mrc-lmb.cam.ac.uk>

On 7/4/05, Dave Howorth <dhoworth@mrc-lmb.cam.ac.uk> wrote:
> Alphonse Ogulla wrote:
> > Hi good people,
> > I wish to get your views on how I can implement a system that will
> > capture text of a financial document that is to be printed, run a hash
> > algorithm (SHA-1) over the document text, store an electronic copy of
> > the document and its digital signature to disk and lastly print the
> > document with the electronic signature at the last line of the
> > document. The financial document can be a ticket/receipt produced by a
> > POS application or an invoice/delivery note generated by an accounting
> > software.
> ...
> > Do you think this is a reasonable way of going about this project? Is
> > Samba-CUPS and bash/perl scripting the best tools to use or are there
> > others? What is your recommendation and advise? Your comments, remarks
> > or criticism are welcome.
> 
> As others have mentioned, perhaps you need to tell us more about the
> project's purpose - what risks is it designed to protect against?
> 
> For example, the existence of the _c.txt leads me to suspect that you're
> worried the _b.txt files may be changed. But it's not clear why you
> wouldn't just store everything on the CD if that's the case?
> 
> And I'm not sure of the purpose of printing the hash on the paper
> ticket, since it may or may not correspond to the text that's actually
> printed on a specific piece of paper that's presented later. When does
> the printed hash get used?
> 
The primary purpose of the project is to assure auditors and tax
authorities that printed documents are true if the electronic
signatures match. It also provides a means of the authorities to check
in a reliable way what taxes a certain business is to pay. The
accounting system will continue to produce reports based on document
authenticataion.

Only signatures that are used to authenticate _b.txt files are stored
on CD-R so that once a record has been saved on CD-R, it can no longer
be altered. Its is important in order to keep permanent records of
electronic endorsments.

The digital signature at the last line of the invoice is basically a
unique identifier derived from the text of the invoice. This
requirement is again a local reglulation concerning electronic invoice
validatiion for operation under fical requirements.

Reply to:

References:
- Digital signing of printed documents
  - From: Alphonse Ogulla <aogulla@gmail.com>
- Re: Digital signing of printed documents
  - From: Dave Howorth <dhoworth@mrc-lmb.cam.ac.uk>

Prev by Date: Hewlett-Packard package conflicts
Next by Date: Re: rosegarden, no sound
Previous by thread: Re: Digital signing of printed documents
Next by thread: does Sarge have a /boot/boot-menu.b file?
Index(es):
- Date
- Thread