
Re: Best Practices comments

From: Sean Mullan <Sean.Mullan@Sun.COM>
Date: Fri, 30 May 2008 16:21:05 -0400
To: Pratik Datta <pratik.datta@oracle.com>
Cc: XMLSec <public-xmlsec-maintwg@w3.org>
Message-id: <484061B1.6080702@sun.com>

Pratik Datta wrote:
> How about organizing the document like this?
> 
> 1. Advice to verifiers
>   This is all of section 2.1.1, which basically says if there are
> complicated transforms, you don't know what is being signed.
> 
> 2. Advice to signers
>   This is section 2.1.2 and section 2.4, which say not to sign a very
> small part of the document, but to include user name, action,
> timestamps, nonces etc. into the signature so that the signature can't be
> replayed with some changes.
> 
> 3. Advice to implementors
>   This is sections 2.2 and 2.3, which talk of order of operations, and
> preventing denial of service attacks.

This looks better to me. I think I would like to see the Advice to 
implementors section come first, if only because it contains some of the 
most important best practices such as the order of operations and 
validating/trusting the key, both of which may also help reduce the risk 
associated with malicious transforms.

I haven't reviewed your detailed comments on my comments, but I will do 
that and respond later.

--Sean
Received on Friday, 30 May 2008 20:21:55 GMT
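The order of operations Sean refers to above (trust the key first, then check the SignatureValue over SignedInfo, and only then follow the References) combined with a bounded, allow-listed transform chain, written out as an added example. This is not code from the thread, from the Best Practices draft, or from any XML Security implementation. It is a toy verifier on Python's standard library in which an HMAC-SHA256 stands in for the RSA SignatureValue, the stdlib C14N 2.0 stands in for Exclusive C14N, and the trust store, key names and sample request are constructed; the sample request carries the user, action, nonce and timestamp that Pratik's "advice to signers" point calls for.

```python
# Added example, not code from this thread or the Best Practices draft: a toy
# XML-Signature-style verifier on the stdlib. Assumptions: HMAC-SHA256 stands in
# for the RSA SignatureValue, C14N 2.0 for Exclusive C14N; trust store, key names
# and the sample request are constructed.
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
DS, NS = "{%s}" % DSIG, {"ds": DSIG}
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116"
TRUSTED_KEYS = {"acme-signing-key": b"constructed-secret"}   # assumed trust store
SECRET = TRUSTED_KEYS["acme-signing-key"]
# Transforms the verifier will run at all. XSLT and XPath are absent on purpose:
# after them you no longer know what was signed, and they cost unbounded CPU.
ALLOWED_TRANSFORMS = {EXC_C14N, DSIG + "enveloped-signature"}
MAX_TRANSFORMS = 2

class SignatureRejected(Exception): pass

def canonical(elem):
    return ET.canonicalize(ET.tostring(elem), strip_text=True, rewrite_prefixes=True).encode()

def find_by_id(doc, id_value):
    return next((e for e in doc.iter() if e.get("Id") == id_value), None)

def constructed_request(user, action, nonce, timestamp):
    # Signer-side advice: who, what, when and a nonce all sit inside the signed element.
    root = ET.Element("Envelope")
    req = ET.SubElement(root, "Request", Id="req-1")
    for tag, val in zip(("User", "Action", "Nonce", "Timestamp"), (user, action, nonce, timestamp)):
        ET.SubElement(req, tag).text = val
    return root

def sign(doc, ref_id, key_name, secret, transforms=(EXC_C14N,)):
    """Append a <ds:Signature> covering the element whose Id is ref_id."""
    digest = hashlib.sha256(canonical(find_by_id(doc, ref_id))).digest()
    sig = ET.SubElement(doc, DS + "Signature")
    si = ET.SubElement(sig, DS + "SignedInfo")
    ET.SubElement(si, DS + "CanonicalizationMethod", Algorithm=EXC_C14N)
    ET.SubElement(si, DS + "SignatureMethod", Algorithm="urn:example:hmac-sha256")
    ref = ET.SubElement(si, DS + "Reference", URI="#" + ref_id)
    trs = ET.SubElement(ref, DS + "Transforms")
    for alg in transforms:
        ET.SubElement(trs, DS + "Transform", Algorithm=alg)
    ET.SubElement(ref, DS + "DigestMethod", Algorithm="http://www.w3.org/2001/04/xmlenc#sha256")
    ET.SubElement(ref, DS + "DigestValue").text = base64.b64encode(digest).decode()
    mac = hmac.new(secret, canonical(si), hashlib.sha256).digest()   # over SignedInfo only
    ET.SubElement(sig, DS + "SignatureValue").text = base64.b64encode(mac).decode()
    ET.SubElement(ET.SubElement(sig, DS + "KeyInfo"), DS + "KeyName").text = key_name
    return doc

def verify(doc, trusted=TRUSTED_KEYS):
    """Return the Ids a valid signature covers. Order: 1) key trust, 2) SignatureValue over
    SignedInfo, 3) References; no attacker-chosen transform is even read before step 3."""
    sig = doc.find("ds:Signature", NS)
    key_name = sig.findtext("ds:KeyInfo/ds:KeyName", namespaces=NS) if sig is not None else None
    if key_name not in trusted:                                        # 1. key trust
        raise SignatureRejected("untrusted key: %r" % key_name)
    si = sig.find("ds:SignedInfo", NS)
    expected = hmac.new(trusted[key_name], canonical(si), hashlib.sha256).digest()
    got = base64.b64decode(sig.findtext("ds:SignatureValue", default="", namespaces=NS))
    if not hmac.compare_digest(expected, got):                         # 2. SignedInfo
        raise SignatureRejected("SignatureValue does not match SignedInfo")
    covered = []
    for ref in si.findall("ds:Reference", NS):                         # 3. references
        algs = [t.get("Algorithm") for t in ref.findall("ds:Transforms/ds:Transform", NS)]
        if len(algs) > MAX_TRANSFORMS or any(a not in ALLOWED_TRANSFORMS for a in algs):
            raise SignatureRejected("transform chain rejected: %s" % algs)
        uri = ref.get("URI", "")
        target = find_by_id(doc, uri[1:]) if uri.startswith("#") else None
        if target is None:                                             # same-document only
            raise SignatureRejected("unresolvable or external reference: %r" % uri)
        want = base64.b64decode(ref.findtext("ds:DigestValue", default="", namespaces=NS))
        if not hmac.compare_digest(hashlib.sha256(canonical(target)).digest(), want):
            raise SignatureRejected("DigestValue mismatch for %s" % uri)
        covered.append(uri[1:])
    return covered

def outcome(doc):
    try:
        return "accepted:" + ",".join(verify(doc))
    except SignatureRejected as exc:
        return "rejected:" + str(exc)

def signed_doc(key_name, secret, transforms=(EXC_C14N,)):
    # Build, sign and re-parse a sample request, as a verifier receives it on the wire.
    req = constructed_request("alice", "transfer", "nonce-7f3a", "2008-05-30T16:21:05Z")
    return ET.fromstring(ET.tostring(sign(req, "req-1", key_name, secret, transforms)))

def scenarios():
    tampered = signed_doc("acme-signing-key", SECRET)
    tampered.find("Request/Action").text = "delete"                   # edited after signing
    return {
        "valid": outcome(signed_doc("acme-signing-key", SECRET)),
        "tampered": outcome(tampered),                                            # fails step 3
        "untrusted_key_xslt": outcome(signed_doc("mallory-key", b"mallory", (XSLT,))),   # step 1
        "trusted_key_xslt": outcome(signed_doc("acme-signing-key", SECRET, (XSLT,))),     # step 3
    }
```

Calling scenarios() shows each case stopping at the step named in the comment: the document signed with an unknown key is rejected before its XSLT transform is even looked at, and a trusted signer still cannot make this verifier execute XSLT, because the transform chain is checked against the allow list only after the trusted key has vouched for the SignedInfo that lists it. A real implementation would resolve KeyInfo to a certificate chain and a trust anchor rather than a KeyName lookup, and for the denial-of-service point would also bound the number of References and the size of the document it is willing to canonicalize.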
