1# JSON signing & verification 2 3A Perkeep server will typically expose a JSON signing handler. The operations for the signing handler are available at URL paths that are under the [Discovery protocol](discovery) response's **jsonSignRoot** value. 4 5The three handlers paths are: 6 7* **[jsonSignRoot]**/camli/sig/discovery 8* **[jsonSignRoot]**/camli/sig/sign 9* **[jsonSignRoot]**/camli/sig/verify 10 11## Discovery 12 13The discovery handler, in response to a GET request with no options, 14returns a 15[SignDiscovery](https://perkeep.org/pkg/types/camtypes/#SignDiscovery) 16value, such as: 17 18``` 19{ 20 "publicKey": "/sighelper/camli/sha1-f72d9090b61b70ee6501cceacc9d81a0801d32f6", 21 "publicKeyBlobRef": "sha1-f72d9090b61b70ee6501cceacc9d81a0801d32f6", 22 "publicKeyId": "94DE83C46401800C", 23 "signHandler": "/sighelper/camli/sig/sign", 24 "verifyHandler": "/sighelper/camli/sig/verify" 25} 26``` 27 28## Signing 29 30The signing handler requires a POST request (of either 31type `application/x-www-form-urlencoded` or `multipart/form-data`) and accepts 32parameters: 33 34* **json**: the unsigned JSON to sign 35 36## Verification 37 38The verification handler requires a POST request (of either 39type `application/x-www-form-urlencoded` or `multipart/form-data`) and accepts 40parameters: 41 42* **sjson**: the signed JSON to verify 43