Skip to content
/ node-warrant-canary Public

A warrant canary module for node.js with digital signature verification and replay detection.

5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

srhoulam/node-warrant-canary

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
Backlog.js
Backlog.js
 
 
Canary.js
Canary.js
 
 
README.md
README.md
 
 
StreamReader.js
StreamReader.js
 
 

Repository files navigation

#Node.js Warrant Canary

###Create the keyring

gpg -a --export MyKeyName | gpg --no-default-keyring --keyring ./CanaryKeyring --import

###Preparations and things to note

For general information on warrant canaries, visit https://www.eff.org/deeplinks/2014/04/warrant-canary-faq

This warrant canary was written under the assumption that the signing key is entirely inaccessible to it. It is the operator's responsibility to manage, store, secure, and, if necessary, destroy the signing key.

For ideal usefulness, store one copy of the signing key on a separate machine, and securely delete the key once it outlives its usefulness. Adding signed messages to the canary more frequently enables the key's deletion to be noticed more quickly by anyone watching.

The canary will not accept messages without a valid signature. That is to say that unsigned messages are messages without a valid signature. I suggest using gpg's --clearsign flag to produce a signed message that is human-readable.

#API

Previous API documentation is now massively out of date.

If you're an interested party who needs documentation, contact me and I'll answer your questions, and probably write up-to-date docs in the process.

About

A warrant canary module for node.js with digital signature verification and replay detection.

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages