Thumbprints

DiME, the open and trust-based data format building secure Application-based Public-Key Infrastructures (APKIs) in a breeze.

A thumbprint, also known as a fingerprint or simply a hash, is a secure hash digests of a DiME item or envelope. These are generated by using a secure hash algorithm on the DiME encoded string of an envelope or item.

Thumbprints makes it possible to generate and store a thumbprint of an item, and then re-generate the thumbprint later to understand if an item is the same or if it has changed, all without the need for additional decoding or, depending on the thumbprint scope, signature verification.

Thumbprints are never not stored within a DiME envelope or item, as they should be re-generated when needed. An exception to this is when using item links.

By using the following DiME item:

Di:KEY.eyJjYXAiOlsiZW5jcnlwdCJdLCJpYXQiOiIyMDIyLTEwLTIyVDEyOjI4OjA1LjA0MTI4NVoiLCJrZXkiOiJTVE4uQm1XRnFVVGRZcE1uNVRESkc2NEd5dDVMcm9XTnV0WnNHMmE4RFBIVFk4WGRleU5aayIsInVpZCI6IjZiOGY5NTM2LTljOGUtNDA2NC05NTdhLTM1MjJmNmMzYTkzZiJ9

… the following thumbprint is generated:

f31eecac1bf624d811e3bd09e3da87814b159fbc2b22eaeaf20e50919b373779

The above example is using the DiME standard cryptographic suite when generating the thumbprint and it then encoded as HEXADECIMAL.

Last updated