
RE: Omitting Location and Transforms from SignedInfo

From: Greg Whitehead <gwhitehead@signio.com>
Date: Thu, 11 Nov 1999 17:53:55 -0800
Message-ID: <6B962A1EE646D31193270008C7A4BAB5381E9E@mail.paymentnet.com>
To: DSig Group <w3c-ietf-xmldsig@w3.org>
> I was unimpressed by the reaction at the IETF meeting to the need to
> omit Location and Transforms from the SignedInfo. Unimpressed because
> the opinions seemed to be based on fear, either of complicating matters
> or of creating security problems.  I would prefer reasons grounded in
> fact rather than fears.

I just thought of a concrete example:

SignatureMethod is included in SignedInfo to protect against a downgrade
attack, should one of the currently approved signature methods be broken.

Allowing arbitrary transformation of SignedInfo could potentially defeat
this protection by allowing an attacker to introduce a transformation that
substitutes in a broken SignatureMethod along with a reference to a modified
object and other changes (exploiting the broken signature method to produce
the original SignatureValue over the modified SignedInfo).

Received on Thursday, 11 November 1999 20:53:57 UTC
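
The point made in the message above, as an added example that is not part of the original post or of any XML-DSig implementation: a toy verifier that reads SignatureMethod from the exact SignedInfo bytes it authenticates, applies no transform to them, and enforces a method allowlist. The simplified element layout, the `hmac-sha256` and `hmac-md5` identifiers, and all function names are assumptions; there is no canonicalization, and HMAC stands in for the signature method.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Assumed verifier policy: the only method this toy verifier accepts.
ALLOWED_METHODS = {"hmac-sha256": hashlib.sha256}

def signed_info(method: str, digest_hex: str) -> bytes:
    """Build the exact SignedInfo bytes that are signed (simplified layout)."""
    return (f'<SignedInfo><SignatureMethod Algorithm="{method}"/>'
            f'<DigestValue>{digest_hex}</DigestValue></SignedInfo>').encode()

def sign(key: bytes, method: str, obj: bytes):
    si = signed_info(method, hashlib.sha256(obj).hexdigest())
    return si, hmac.new(key, si, ALLOWED_METHODS[method]).hexdigest()

def verify(key: bytes, si_bytes: bytes, sig_value: str, obj: bytes) -> str:
    """Return "ok" or the reason for rejection."""
    # Constructed inputs only; untrusted XML needs a hardened parser.
    root = ET.fromstring(si_bytes)
    # The method comes from the bytes that are about to be authenticated,
    # never from outside SignedInfo.
    method = root.find("SignatureMethod").get("Algorithm")
    if method not in ALLOWED_METHODS:
        return "method not allowed"
    # Verify over the bytes as received: no transform step runs first.
    expected = hmac.new(key, si_bytes, ALLOWED_METHODS[method]).hexdigest()
    if not hmac.compare_digest(expected, sig_value):
        return "signature mismatch"
    if root.find("DigestValue").text != hashlib.sha256(obj).hexdigest():
        return "digest mismatch"
    return "ok"

def demo():
    # Constructed sample values.
    key, obj, tampered = b"k" * 32, b"pay 10", b"pay 1000"
    si, sig = sign(key, "hmac-sha256", obj)
    new_digest = hashlib.sha256(tampered).hexdigest()
    return [
        verify(key, si, sig, obj),        # untouched signature and object
        verify(key, si, sig, tampered),   # object changed, SignedInfo kept
        verify(key, signed_info("hmac-sha256", new_digest), sig, tampered),
        verify(key, signed_info("hmac-md5", new_digest), sig, tampered),
    ]

if __name__ == "__main__":
    print(demo())
```

The last two cases are the ones the message is about: rewriting SignedInfo to reference a modified object fails under a sound method, and rewriting it to name a different method is refused by policy before any signature check.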
