Choose your language: English, 日本語(Japanese), or use the Google translation:
What is this?
An add-on for the Mozilla Firefox or for the Google Chrome. By clicking a button, you can tweet the contents of '#tweet-sig-in' and copy the tweeted URL into '#tweet-sig-out'.
It is supposed to be used for verification to the degree of a ready-made seal.
Where can you get it?
I made them in accordance with the Web Extension standard which is the standard of browser extension. The number of supported browsers should increase in the future.
To what extent is an electronic signature necessary?
Using a digital signature with a public key for everyday transactions is too serious and some may say that a public key can not be trusted when considering the future development of computers. Can you make it possible to verify that you are a principal with a business intention at the time of trading in a simpler way?
There is a simple way to prove that a certain site is that of the person who is talking. It is a way to display the strings thought here somewhere on the site. Also, if it is known that a site is that of the person you are talking to, the third party will be able to know when the deal was in line with a signature if you publish the signature of the transaction details there.
This add-on's proposal is to use Twitter as this "certain site" and to perform simple verification.
In order to be able to confirm dealings after a while, you will want the site to keep data on the site. They can be deleted on Twitter. However, if the transaction violation has reached criminal level such as fraud, it seems that deleted data remains on Twitter, so it is not impossible to restore the data. I think that blatant fraud is unlikely to happen.
You will want a tweet to be open to everyone so that a third party can confirm it. On Twitter, anyone can protect tweets against non-followers. However, there is the idea that a third party like a notary person always publishes a tweet and verifies with it, and there is a method such as being asked to follow from a notary person for a fee. So I think that it is not a big problem .
It is the selling point of this add-on which makes the structure simple and easy to understand after all.
Behavior of this add-on
Hash value of form data etc will be good as the published signature, but this add-on does not support until computing hash value. Simply assume that the hash value is contained in a DOM element whose id is 'tweet-sig-in'.
If a page has a DOM element whose id is 'tweet-sig-in' and a DOM element whose id is 'tweet-sig-out', the add-on displays a button on the tool bar.
When that button is clicked, a tab for tweeting data entered in the DOM element named 'tweet-sig-in' is opened. (If the DOM element is an element of an INPUT tag, 'value' is referenced, otherwise 'textContent' is referenced.)
When tweeted there, tweet's permanent URL is automatically assigned to the DOM element named 'tweet-sig-out'. (If the DOM element is an element of an INPUT tag, it is assigned to 'value', otherwise it is assigned to 'textContent'.) Then dispatch a 'change' event to that DOM element.
In other words, the confirmation page of the form must have the DOM elements whose id are 'tweet-sig-in' and 'tweet-sig-out'.
It is possible to manually let users do this work without using this add-on, but please imagine if you can easily make the explanation understood. It must be difficult. Certainly this add-on performs a special action of using the specific ids, but to explain it, it is enough to just say "install this add-on and press a button". That is the merit of this add-on.
Distribution of images of a button
A button image is necessary when explaining to users. In such applications you can freely use (download or upload) the image of the button. The icons of various sizes are placed below.
16x16 , 32x32 , 96x96 .
Let me answer some of the possible questions.
From the point of view, Facebook would be more appropriate for this add-on. In fact, I tried to implement it to do the similar thing on Facebook until it was working. However, since Facebook does not allow prefilling entries that have not been directly entered by the user when posting comments as the Tweet Sig does, I gave up before applying for app review of Facebook. Regarding Google+, it seems that we do not have an API to post comments in the first place. According to volunteer efforts, Mastodon could be implemented in a format similar to Twitter, but it is not major and so I didn't support it.
If you can tweet just by placing a button on the page, a malicious third party will be able to tweet arbitrary comments using scripts. It is normal to open another tab or window to avoid that. If you have to return the data from that tab, the level of an add-on is necessary (apart from being pre-built of the tab, such as supporting 'postMessage').
This add-on is somewhat experimental
This add-on has just been made and is somewhat experimental. It is appreciated if you try to use the Tweet Sig. It was special to decide the name of the DOM element as 'tweet-sig-in' and 'tweet-sig-out', but since it was necessary to decide something anyway. What is done is very simple.
Frankly speaking, the author himself has no experience of using this add-on in actual transactions. He doesn't have the opportunity to experiment this add-on. Therefore, updating this add-on is expected to be prone to stagnation. I want you to forgive me.
Opinions and requests are accepted on one page of the author's blog. It is a Japanese site, but you can comment in English. Because it is an individual site, there must be many difficulties, I think. I need your tolerance.
(This English page has been made of sequentially modified paragraphs of the translated ones by the Google translation of the Japanese page.)
This add-on does not collect any data from users. Google and Mozilla are only making statistics about installing add-ons.
The author is a Japanese.
I intended this program to be public-domain, but you can treat this program under the (new) BSD-License or under the Artistic License, if it is convenient for you.
Within three months after the release of this program, I especially admit responsibility of efforts for rational requests of correction to this program.
I often have bouts of schizophrenia, but I believe that my intention is legitimately fulfilled.
(On the Mozilla's distribution page, the BSD License has been chosen for the sake of clarity, but the license can be loosened as above if you like so.)