lib/verify set-top-box-id
The verify command displays the 'blinded' version textually or graphically, as appropriate, so that it can be compared to that reported by the set-top-box owner over a secure independent mechanism (for example, telephone). If the operator of verify is convinced of the identity of the caller, the operator should reply affirmatively when prompted for acceptance.
If the owner's identity is accepted, the verify command writes the authentication certificate to the /keydb/countersigned/set-top-box-id file, input for the countersigner daemon.
Note: After the operator of verify accepts the identity, the set-top-box owner should be informed to respond affirmatively to the prompt being displayed by the register command. The order of acceptance (first on the signer host) then on the client is important.
/keydb/signed/set-top-box-id |
/keydb/countersigned/set-top-box-id |