c2pa-rs icon indicating copy to clipboard operation
c2pa-rs copied to clipboard
verified publisher icon contentauth

What certificate to use for C2PA signing?

Open sidhire opened this issue 1 year ago • 0 comments

I would like to sign AI generated images using C2PA on a cloud server.

This page on the C2PA website (https://opensource.contentauthenticity.org/docs/getting-started/) gives a list of providers from which to obtain a certificate. In speaking with Comodo, the first entry listed there, they said that C2PA signing would require their EV (Extended Validation) Code Signing Certificate. However, that certificate is not be able to sign images on a cloud server—the USB containing the certificate has to be plugged into the computer that's doing the signing. So it appears that Comodo's certificates would not be usable for what seems like a very common use case for C2PA.

Has anyone managed to solve this problem of doing C2PA signing on a cloud server? Which certificate did you use, and from which provider? Thanks!

(I'm using the Node library, but posting here because the discussion seems more active.)

sidhire avatar Jul 03 '24 22:07 sidhire