image provider

The Appraiser


Disclaimer

This essay does not describe an existing computer program, just one that should exist. This essay is about a suggested student project in Java programming. This essay gives a rough overview of how it might work. I have no source, object, specifications, file layouts or anything else useful to implementing this project. Everything I have prepared to help you is right here.

This project outline is not like the artificial, tidy little problems you are spoon-fed in school, when all the facts you need are included, nothing extraneous is mentioned, the answer is fully specified, along with hints to nudge you toward a single expected canonical solution. This project is much more like the real world of messy problems where it is up to you to fully the define the end point, or a series of ever more difficult versions of this project and research the information yourself to solve them.

Everything I have to say to help you with this project is written below. I am not prepared to help you implement it; or give you any additional materials. I have too many other projects of my own.

Though I am a programmer by profession, I don’t do people’s homework for them. That just robs them of an education.

You have my full permission to implement this project in any way you please and to keep all the profits from your endeavour.

Please do not email me about this project without reading the disclaimer above.

Introduction

This is a tool for appraisers of jewelry, houses, cars, horses etc. The problem with a written appraisal is there is no way to know just by looking at it if it is genuine. To be sure, the buyer has to contact the appraiser and check. There is possibility for fraud in counterfeit appraisals, totally bogus appraisals, in setting up phony appraisers or people who masquerade as known legitimate appraisers.

The idea is to use digital signing to validate appraisals.

How It Works

The signing authority issues digital certificates to appraisers, charging them a fee. The digital certificate they receive attests to the qualifications they claim and to the identity they claim. It is otherwise almost identical to a Java code-signing private/public key certificate you would buy from Thawte. The appraisers digitally sign their appraisals with their certificate’s private key. The appraisal may contain text, HTML (Hypertext Markup Language), images, a date and of course a dollar figure.

People who have had their homes appraised for example, could get a yearly update purely electronically. Electronic appraisals would have an official expiry date.

To validate an electronic appraisal, you get the seller to email it to you. You run a Java Web Start validator program that downloads its code from the signing authority. That code then does the verification. It does not need online access to either the signing authority or the appraiser to work. It would easily fit into a laptop, but probably not a hand-held just yet.

The validation program verifies the electronic signature and can assure you that the appraisal was indeed made by that appraiser and some details about that appraiser’s qualifications.

Revocation

Let us say some years down the road somebody stole a copy of an appraiser’s private key certificate or even figured out how to crack the system entirely. Because the client program is Java Web Start, it would soon know about the problem and could request more secure replacement appraisals for any it hand on file.

Fraud

The simplest fraud is to offer to validate the appraisal using phony software that looks like the real thing. Always use your own computer to validate appraisals.
Always use your own copy of the software to validate appraisals.
Always use your own Internet connection to get software updates.


This page is posted
on the web at:

http://mindprod.com/project/appraiser.html

Optional Replicator mirror
of mindprod.com
on local hard disk J:

J:\mindprod\project\appraiser.html
logo
Please the feedback from other visitors, or your own feedback about the site.
Contact Roedy. Please feel free to link to this page without explicit permission.

IP:[65.110.21.43]
Your face IP:[54.205.54.215]
You are visitor number