W3C home > Mailing lists > Public > public-xmlsec@w3.org > May 2010

How to deal with null references?

From: Meiko Jensen <Meiko.Jensen@ruhr-uni-bochum.de>
Date: 11 May 2010 17:46:14 +0200
Message-ID: <4BE97BC6.4080407@ruhr-uni-bochum.de>
To: "XMLSec WG Public List" <public-xmlsec@w3.org>
Within the discussion on the XPath referencing style I remembered an
issue we came across lately:

If an XPath contains syntactical errors, this does not result in a
visible error. It is only treated differently, and might just result in
referencing no node in the actual XML document. If that is not
considered as an error in the XML Signature specification, there is a
threat of someone screwing it up without noticing. Even the verifier
does not notice: nothing was referenced, so the digest is calculated
about the empty nodeset, hence about "". As this was exactly the same
input as at the signer side, hash values match => signature is valid.
However, it protects nothing in the document from modification.

Hence, I recommend putting a sentence to XML Signature 2.0 stating that
a reference to an empty nodeset MUST be treated as a fault.

best regards

Meiko

-- 
Dipl.-Inf. Meiko Jensen
Chair for Network and Data Security 
Horst Görtz Institute for IT-Security 
Ruhr University Bochum, Germany
_____________________________
Universitätsstr. 150, Geb. IC 4/150
D-44780 Bochum, Germany
Phone: +49 (0) 234 / 32-26796
Telefax: +49 (0) 234 / 32-14347
http:// www.nds.rub.de
Received on Tuesday, 11 May 2010 15:46:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 11 May 2010 15:46:39 GMT