In this meeting, the State Changers discussed the process of document signing, specifically focusing on the complexities of using Xano and employing cryptography. They explored how keys are created, using RSA key pairs and sign roots, and how these are used to sign documents, discussing concepts like timestamps and hashing.
The meeting also addressed the dual use of public and private keys in the signing process, generated through database records. The hashing algorithm SHA-256 was identified as what they use. To ensure system integrity, a verification process on the public key was also set up. The latter part of the discussion delved into the format and structure of a signed certificate. They clarified that the PEM (Private Email) format — a common format for holding cryptographic numbers that could be supported by email systems — is often used. It was also discussed that adding user metadata information such as the date of issue and user identification within the x509 certificate can provide additional security levels. The State Changers acknowledged the complexities of cryptography and the importance of trial and error when it comes to understanding and utilizing these systems. The need for further discussion and exploration was also recognized, particularly in relation to aligning their work with the prevailing standards in systems like e-notary businesses. From this meeting, it's evident that the State Changers are focused on establishing a secure system that maintains data integrity, a "chain of trust", yet is flexible enough to accommodate the necessary information through a format like x509. Thus, this meeting would be very beneficial for those exploring cryptography, document signing processes, the use of public and private keys, and secure data transfer and validation.
(Source: State Change Office Hours 9/21/2023 )
