Public Key Pen
PKP helps you create, sign with and distribute public keys. It is designed to work in concert with PKS.
PKP is based on the work of SDSI, a simple distributed security infrastructure. PKP is meant to lower the technical barrier to using public key cryptography effectively. SDSI leverages Public-key cryptography which gives us the ability to sign data and to some degree, verify it origins.
npm install pkp -g pkp config
Recursively hash the contents of a directory and produce a
Hash the contents of a package, compare it with the hash found
certificate as well as attempt to validate it's public key.
pkp sign <package-name> [version]
pkp sign --remote git://github.com/hij1nx/pkp.git
THIRD PARTY VERIFICATION
The verify method tries to validate the certificates and their public keys found in a specified pacakge-name or remote.
pkp verify <package-name> [version]
PKI FILE SPECIFICATION
A package should contain a pki.json file which includes an object literal with entries corresponding to each signed version of the package.
Non-repudiation in the Digital Environment http://firstmonday.org/ojs/index.php/fm/article/view/778/687