certification

1.2.0 • Public • Published

certification

Stateless Ownership of Digital Goods

When a customer makes a purchase, do not store data on the server, rather give the customer a unique tamperproof Download Certificate for downloading and re-downloading the purchased product.

The first and foremost is customer email and name as verified by a payment processor, without that information the certificate will not be unpacked.

Fronting customer email and name will discourage the customer from sharing the digital download certificate.

Certificate may be re-issued upon a re-download, meaning that an older certificate may be invalidated by passage of time.

--

  • Upon a purchase, user is given a hard to modify/decrypt text string, called certificate.

  • The header of the certificate contains a hash.

  • The body of the certificate contains data encrypted with a server-side key.

  • Body can be decrypted on the server.

  • Decryption keys can be changed, older keys can be used.

  • Certificates can expire.

  • Certificates can be re-issued.

  • Certificates are never stored on the server, they are given to the user/client, may not even be emailed.

  • The server can be erased and no data-loss will occur; customers with valid certificates can re-download their purchased data.

Readme

Keywords

none

Package Sidebar

Install

npm i certification

Weekly Downloads

0

Version

1.2.0

License

ISC

Unpacked Size

34.4 kB

Total Files

4

Last publish

Collaborators

  • fantasyui.com