1.2.0 • Published 3 years ago

certification v1.2.0

Weekly downloads
3
License
ISC
Repository
github
Last release
3 years ago

certification

Stateless Ownership of Digital Goods

When a customer makes a purchase, do not store data on the server, rather give the customer a unique tamperproof Download Certificate for downloading and re-downloading the purchased product.

The first and foremost is customer email and name as verified by a payment processor, without that information the certificate will not be unpacked.

Fronting customer email and name will discourage the customer from sharing the digital download certificate.

Certificate may be re-issued upon a re-download, meaning that an older certificate may be invalidated by passage of time.

--

  • Upon a purchase, user is given a hard to modify/decrypt text string, called certificate.
  • The header of the certificate contains a hash.
  • The body of the certificate contains data encrypted with a server-side key.
  • Body can be decrypted on the server.
  • Decryption keys can be changed, older keys can be used.
  • Certificates can expire.
  • Certificates can be re-issued.

  • Certificates are never stored on the server, they are given to the user/client, may not even be emailed.

  • The server can be erased and no data-loss will occur; customers with valid certificates can re-download their purchased data.

@everything-registry/sub-chunk-1307@infinitebrahmanuniverse/nolb-cer@zalastax/nolb-cer
1.2.0

3 years ago

1.1.0

5 years ago

1.0.2

7 years ago

1.0.1

7 years ago