Hash trees

The Hash Trees tab allows the configuration of the ArchiSig Module. The ArchiSig Module includes all functions that serve the long-term cryptographic securing and preservation of authenticity and verifiability of content.

Figure 209: Signatures – hash trees

Hash tress configuration includes sub-tabs that allow the following actions:

To configure settings

  • Select the check box Use Timer to enable the timer.

  • Select the check box Enable ArchiSig to enable hash trees functionality.

  • Specify the following parameters for the ArchiSig Module functionality:

    • Max Unstamped: Specify a maximum number of waiting hashes to be added to the tree.

    • Max Age (in minutes): Specify a maximum waiting time before hashes are added to the tree.

    • Timer Interval in Minutes: Specify interval for adding hashes to the tree.

  • The hash trees are displayed in a hit list with the general ImageMaster functionality.

  • For a new hash tree, click Add New Hash Tree and specify the following parameters: 

    • Name: Define the name of a hash tree.

    • Algorithm: Select an available algorithm from the list.

    The hash tree will be added to the list. This can happen with some delay. Press "Refresh" icon to update the list.

  • You can enable or disable a hash tree by changing the status. Select a hash tree in the list and click Change the state. The window with the supported options will be opened:

    Select State and click OK.

    The following states are supported: 

    • active: The tree is enabled for storage of new hashes.

    • readonly: The tree will be marked as read-only, which means that no new hashes can be stored there.

    Note that no explicit saving is required. The changes are taken into effect when you press OK.

  • Expand the menu Actions to access more configuration options for a hash tree:

    • Count Unprocessed Hashes

    • Process Hashes

    • Count Hashes

    • Count Subtrees

To configure Admin certificates

  • Go to Admin Certificatestab.

  • For a new certificate, click Add and specify the name in the dialog.

  • The new entry will be added to the list. Upload a certificate file in the appeared area.

  • Admin certificates cannot be configured but the following information is displayed:

    • Subject: the distinguished name of the client who owns the certificate

    • The subject consists of numerous attribute-value pairs. Some of the most common attribute values and their explanations are as follows:

      • CN: CommonName

      • L: Locality

      • ST: StateOrProvinceName

      • OU: OrganizationalUnit

      • O: Organization

      • C: CountryName

    • Issuer: the distinguished name of authority who issued the certificate

      See the section above for the description of the most common attribute values and their explanations.

    • Valid from: the date when the certificate was issued

    • Valid to: the date till when the certificate is valid

    • Serial: the unique identifier for each certificate generated by a certificate issuer

    • Thumbprint: a hash value computed over the complete certificate, which includes all its fields, including the signature