W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

RE: Parser-less verifiers

From: Phillip M Hallam-Baker <pbaker@verisign.com>
Date: Wed, 27 Oct 1999 17:40:08 -0400
To: "Ed Simon" <ed.simon@entrust.com>, "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Message-ID: <003501bf20c3$d6e1d860$6e07a8c0@pbaker-pc.verisign.com>
Such a verifier would have the ability to parse the signature manifest
but would not have access to the schema for the document encoded.

If we are just talking about c14n on the manifest I fail to see how
the ability to mangle the text through DOM applications that do
not preserve canonicalization achieves anything. Why would any 
application parse a DigSig manifest and gratuitously reorder the
attributes if it did not understand the DigSig spec? If it is DigSig
aware then why can it not be required to emit the text in the same
cannonical form it arrived in?

Don's argument makes even less sense applied to the manifest alone
than it does to the target document. The case he has been making is
clearly directed at requiring every DigSig verifier support his
c14n feature. The examples he has been giving are clearly refering
to messages being subjected to DOM transformation and not manifests

Rather than make support for c14n on the verifiers a strict requirement
I am proposing that it be optional. A verifier should be able to insist
that the octet stream presented be in the canonical form specified if
a canonical form is specified.

This does not prevent DigSig aware applications supporting recovery
programs for messages abused by neglectful DOM processing, it merely 
means that such support is not a requirement.

In the applications where I care about canonical form I am going to
insist that canonical form be the representation on the wire by 
writting the requirement into the rule book.


> -----Original Message-----
> From: w3c-ietf-xmldsig-request@w3.org
> [mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Ed Simon
> Sent: Wednesday, October 27, 1999 4:25 PM
> Subject: Parser-less verifiers
> Phillip wrote
> 	What people are objecting to is the unnecessary canonicalization
> 	code you are requiring the verifier of the signature to write.
> 	Not all verifiers will include a DOM parser. A large number
> 	of verifiers will not even have access to the schema.
> I can understand that signing implementations will not need to do
> XML parsing because they just have to write XML, not read it.
> However, it seems to me a verifier would want at least a basic
> XML parser to properly process an XML Signature.
> Phillip, could you elaborate a little more how
> you see an XML-parser-less verifier extracting the information it needs
> from an XML signature in order to verify that signature?
> eg. Would it use pattern matching rather than full-blown
> XML parsing?
> Thanks, Ed
Received on Wednesday, 27 October 1999 17:38:50 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:32 UTC