RE: comments on 990806 Requirements Doc

Hi Joseph,

Regarding [1], section 3.1.3, the requirement that an XML signature can
apply to all or part of an XML document, it has turned out that much of the
current draft scenarios document [2] is about securely addressing this
requirement.

From the scenarios, what became apparent was that the only solution which
seemed to solve all of the problems was having the ability to explicitly
list the portions of a resource that should be excluded.  This allows me to
create signatures that have document closure, retain ancestor information
when necessary, and retain element order of non-continuous regions that must
be signed.

A letter from Brown (cited in [2]) suggested making this a parameter of the
canonicalizer element.  I favor this approach since c14n is only defined for
XML resources anyway.  However, I favor it as long as the exclude list
(could be just a list of XPointers) is made part of the core behavior and
part of the requirements.  The security problems and shortcomings that would
result if this were not a requirement are substantial and not
application-specific.  Further reasoning is given in [2] section 2.4.

Please consider adding a requirement (or a subrequirement to requirement 3)
that we provide a method of explicit exclusion of portions of XML
resources.

[1] http://www.w3.org/1999/08/xmldsig-requirements-990820.html

[2] http://www.w3.org/Signature/Drafts/xmldsig-scenarios-990818.html

Thanks,
John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company

-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org] On Behalf Of Joseph M. Reagle Jr.
Sent: Thursday, August 19, 1999 12:01 PM
To: John Boyer
Cc: dee3@us.ibm.com; Richard D. Brown; IETF/W3C XML-DSig WG
Subject: RE: comments on 990806 Requirements Doc


At 13:30 99/08/17 -0700, John Boyer wrote:
 >[Comments to an email from Don, that hasn't yet made it to the list.]
 >
 >At 13:21 99/08/17 -0400, dee3@us.ibm.com wrote:
 > >2.2:  Suggest changing "The manifest includes..." to "The manifest must
 > >support..." so as to permit other types of manifest.
 >
 >Manifests that don't use URIs? If so, what would be the example?
 >
 ><John> For example, having the signature directly sign the data by
 >enveloping the data inside of the manifest. </John>

Ok, I've included Don's suggested text. The resulting document is at [1]
and will be officially published tomorrow. Then I'll update the ietf-draft
and push this out to W3C chairs and XML plenary and start twisting arms to
get commitments for review once we have a draft we are fairly comfortable
with.

[1] http://www.w3.org/1999/08/xmldsig-requirements-990820.html


_________________________________________________________
Joseph Reagle Jr.
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://w3.org/People/Reagle/

Received on Thursday, 19 August 1999 15:22:47 UTC
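
The exclude-list argument in the message above, as an added example that is not part of the thread or of the working group's drafts: it compares a digest over an include list with a digest over the whole document minus an exclude list, for three post-signing changes. Assumptions: ElementTree paths stand in for XPointers, `ET.tostring` stands in for canonicalization, the include-list model (selected elements concatenated per path) is a simplification, and the document and element names are constructed.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample document; element names are hypothetical.
SIGNED = "<form><payer>Alice</payer><amount>100</amount><sigs><sig id='s1'/></sigs></form>"
# Variants produced after signing (all constructed):
COSIGNED = SIGNED.replace("</sigs>", "<sig id='s2'/></sigs>")   # second signature added
APPENDED = SIGNED.replace("<sigs>", "<note>late</note><sigs>")  # new unsigned element
REORDERED = SIGNED.replace("<payer>Alice</payer><amount>100</amount>",
                           "<amount>100</amount><payer>Alice</payer>")

def _sha256(data):
    return hashlib.sha256(data).hexdigest()

def digest_including(xml_text, include_paths):
    """Include list: digest only the selected elements, concatenated per path."""
    root = ET.fromstring(xml_text)
    parts = [ET.tostring(e) for p in include_paths for e in root.findall(p)]
    return _sha256(b"".join(parts))

def digest_excluding(xml_text, exclude_paths):
    """Exclude list: digest the whole document minus the listed subtrees."""
    root = ET.fromstring(xml_text)
    dropped = {id(e) for p in exclude_paths for e in root.findall(p)}
    for parent in list(root.iter()):
        for child in list(parent):
            if id(child) in dropped:
                parent.remove(child)
    # ET.tostring stands in for canonicalization here; it is not real c14n.
    return _sha256(ET.tostring(root))

def compare(include_paths, exclude_paths):
    """For each variant, report whether each style of digest still matches."""
    result = {}
    variants = (("cosigned", COSIGNED), ("appended", APPENDED), ("reordered", REORDERED))
    for name, doc in variants:
        inc_ok = digest_including(doc, include_paths) == digest_including(SIGNED, include_paths)
        exc_ok = digest_excluding(doc, exclude_paths) == digest_excluding(SIGNED, exclude_paths)
        result[name] = {"include_list_valid": inc_ok, "exclude_list_valid": exc_ok}
    return result

if __name__ == "__main__":
    for name, verdict in compare(["payer", "amount"], ["sigs"]).items():
        print(name, verdict)
```

Both digests survive the added co-signature, but only the exclude-list digest fails on the appended element and on the reordered fields, which are the document-closure and element-order properties the message names.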