W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

RE: XML-Signatures Requirements Last Call

From: Phillip M Hallam-Baker <pbaker@verisign.com>
Date: Fri, 20 Aug 1999 17:10:13 -0400
To: "Joseph M. Reagle Jr." <reagle@w3.org>, <chairs@w3.org>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, <w3c-xml-plenary@w3.org>, "Donald E. Eastlake 3rd" <dee3@us.ibm.com>, "Jon Bosak" <Jon.Bosak@eng.sun.com>
Message-ID: <005b01beeb50$6512e240$6e07a8c0@pbaker-pc.verisign.com>
I object to the following requirement:


3.2 The specification must specify at least one mandatory to implement
signature canonicalization, content canonicalization, hash, and signature
algorithm.


No justification is provided for requirng mandatory implementation of a
canonicalization algorithm. A canonicalization algorithm is not required
to create a signature.

The simplest implementation of a signature verifier is to validate the
hash of the bits on the wire.

The simplest implementation is desired because it is the least likely
to have errors.

A canonicalization algorithm introduces potential ambiguity into the
bit-stream presented and is therefore a security risk. If an application
is presented with a bit stream which does not validate it MUST be
permitted to reject the signature. It MUST NOT be required to manipulate
the data to make the signature verify.


I propose the following replacement:

3.2 The specification must specify at least one mandatory to implement hash,
and signature algorithm.
Received on Friday, 20 August 1999 17:12:27 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:07 GMT