Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/fantasyui-com/certification

Stateless Ownership of Digital Goods. Upon a product purchase user is given encrypted tamper-proof certificate that can be used to download/re-download the product.zip. [Library, DRM, Crypto]
https://github.com/fantasyui-com/certification

Last synced: 5 months ago
JSON representation

Stateless Ownership of Digital Goods. Upon a product purchase user is given encrypted tamper-proof certificate that can be used to download/re-download the product.zip. [Library, DRM, Crypto]

Awesome Lists containing this project

README 

          
# certification

Stateless Ownership of Digital Goods



When a customer makes a purchase, do not store data on the server, rather give the customer a unique tamperproof Download Certificate for downloading and re-downloading the purchased product.



The first and foremost is customer email and name as verified by a payment processor, without that information the certificate will not be unpacked.



Fronting customer email and name will discourage the customer from sharing the digital download certificate.



Certificate may be re-issued upon a re-download, meaning that an older certificate may be invalidated by passage of time.



--



- Upon a purchase, user is given a hard to modify/decrypt text string, called certificate.

- The header of the certificate contains a hash.

- The body of the certificate contains data encrypted with a server-side key.

- Body can be decrypted on the server.

- Decryption keys can be changed, older keys can be used.

- Certificates can expire.

- Certificates can be re-issued.

- Certificates are never stored on the server, they are given to the user/client, may not even be emailed.



- The server can be erased and no data-loss will occur; customers with valid certificates can re-download their purchased data.