Page signature with PGP
Why must HTML pages be signed?
It is usually convenient to make sure that the information included in a document is precise, identical to the original published form, so that we must make sure that we have access to the original information.
This is the main aim of the PGP signature of some HTML pages in the server of INCIBE, so that any user can ensure that the information has not been modified. Different mathematical techniques are used, including public key cryptography and the PGP program.
Public key cryptography.
Public key cryptography is based on the existence of two keys or mathematical functions with a fundamental characteristics, which is that a message can only be decoded using a complementary key. It is called a “public key” because one of them is secret, while the other is public and any person can have access to it.
When signing a document, the private key is used and anyone can ensure that it has not been modified with the use of a public key, since the modification of the text would not validate the authentication of the message.
What is PGP?
There are different programs that can be used for the digital signature of documents. The PGP program has been chosen for the signature of HTML pages of the server. This was one of the first programs that was started to be used by users to sign and encode documents. It has a long and interesting history and there are public domain versions for almost all platforms and operating systems, which allows us to check that the pages have not been modified on any operating system.
Why isn’t SSL/TLS used?
There is another mechanism called SSL/TLS that enables safe and authenticated connections from WWW browsers, such as Mozilla Firefox or Internet Explorer, ensuring the use of a more transparent and direct method than that used by INCIBE. The problem of this system is that all cryptographic operations are carried out for each connection established, so that the connection is slower. The system used by the server of INCIBE is not as transparent for the browser since it only signs pages once (when they are modified by INCIBE), and the pages signed are loaded at the same speed than pages that are not signed.