W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

XML-Signature scenario proposal

From: Andreas Schmidt <aschmidt@darmstadt.gmd.de>
Date: Fri, 17 Sep 1999 13:41:23 +0200
Message-ID: <37E228E3.7A898902@darmstadt.gmd.de>
To: w3c-ietf-xmldsig@w3.org
Hi,

We would like to ask if the following fits into the scenarios document.

Mutual agreement scenario:

There is an agreement to be signed between merchant  
M and customer C. They do it in three steps: 
  1. M signs the contract and sends the resulting Offer document to C
  2. C signs Offer and sends it back to M as the Accept message 
  3. M adds a third signature to Accept and sends the resulting 
  Confirmation message to C. 

The purpose of the three steps is non-repudiation: Both parties are
sure  
that the other cannot repudiate her knowledge of the existence of the 
doubly signed contract, i.e., the agreement. (These three steps are core
parts of a protocol called BAKO that hass been developed at GMD some 
time ago). The (partial) XML documents generated could coarsly look  as 
follows:

1. Offer 

<dsig:Document xmlns:BAKO="http://www.gmd.de/BAKO"> 
<BAKO:Offer>

  <BAKO:OfferLocator href="www.merchant.com/Offers/77393529247521"/>

  <BAKO:Contract Number="77393529247521"> 
    The content of the offered contract enters here. 
  </BAKO:Contract>

  <dsig:Signature>
    <dsig:Manifest> 
      <dsig:Algorithm> ... </dsig:Algorithm>

      <dsig:Resource> 
        <dsig:Locator href="#77393529247521"/> 
        <dsig:Digest> ... </dsig:Digest> 
      </dsig:Resource>

      <dsig:SignatureAlgorithm ... /> 
    </dsig:Manifest> 
    <dsig:Value> ... </dsig:Value> 
  <dsig:Signature>

</BAKO:Offer> 
</dsig:Document>

Comment: Here, M uses a local link to refer to the contract to be signed 
and provides C with an (unique) reference to the location where the 
_whole_ Offer is stored by M. Thus, C can detach the signature in the 
next step and need not provide a storage place and reference to Offer 
(in real-world scenarios he might even not be able to do this), This 
also saves bandwidth if Contract is large.

2. Accept: C endorses the whole Offer document to which he points with 
an external XLink.

<dsig:Document xmlns:BAKO="http://www.gmd.de/BAKO"> 
<BAKO:Accept>

  <dsig:Signature> 
    <dsig:Manifest> 
      <dsig:Algorithm> ...  </dsig:Algorithm>

      <dsig:Resource> 
        <dsig:Locator 
          href="www.merchant.com/Offers/77393529247521"/> 
        <dsig:Digest> ... </dsig:Digest> 
      </dsig:Resource>

      <dsig:SignatureAlgorithm ... /> 
    </dsig:Manifest> 
    <dsig:Value> ... </dsig:Value> 
  </dsig:Signature>

</BAKO:Accept> 
</dsig:Document>

3. Confirmation: M can now add his last signature by direct envelopment.

<dsig:Document xmlns:BAKO="http://www.gmd.de/BAKO"> 
<BAKO:Confirm>

  <dsig:Signature> 
    <dsig:Manifest> 
      ... 
      <BAKO:Accept> ... </BAKO:Accept>
      ...
    </dsig:Manifest> 
    <dsig:Value> ... </dsig:Value> 
  </dsig:Signature>

</BAKO:Confirm>
</dsig:Document>

The funny thing about this scenario is that one can show three different 
modes  of signing in one example.

Questions: 

- There is an obvious semantic flaw in the design of Offer: M signs the 
Contract  but not its context consisting of: a) that it is meant as an 
offer b) the BAKO DTD. As I know, the WG has considered problems of that
kind and possible remedies. E.g., with XPointers M could say: I am 
signing the whole <dsig:Document> except my own signature. How would 
that look like ?

- It seems to me, that 'sign all from root node except own signature' 
comes up often in reality. Could one make this kind of default or 
provide syntactic shortcuts ?

- The notorious c14n issue, but reviewed under security and 
non-repudiation aspects. What should be c10ed and to what level ?

- We are considering to explain this scenario in a short paper at 
appropriate location. Do You support this idea ?

Best regards, Andreas Schmidt
------------------------------------------------------------------------
snail:Dr. Andreas U. Schmidt, Dept. SIT |email:aschmidt@darmstadt.gmd.de
      GMD German National Research      |phone:+49-6151-869-712       
      Center for Information Technology |fax  :+49-6151-869-704
------------------------------------------------------------------------
Received on Friday, 17 September 1999 07:40:50 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:07 GMT