W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

Re: Comments on last call draft (BRAVO Kent!!!)

From: EKR <ekr@rtfm.com>
Date: 27 Mar 2000 23:06:41 -0800
To: "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: Ed Simon <ed.simon@entrust.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <kjn1nj8tfi.fsf@romeo.rtfm.com>
"Joseph M. Reagle Jr." <reagle@w3.org> writes:

> http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JanMar/0226.html
> You can't do enveloped or partial documents signatures really without
> operating in the XML as XML paradigm, if that frightens you from a
> security point of view, use detached. (Or see Phil's comment:
> http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JanMar/0246.html
I don't read Phill's comment this way at all. 

Rather, as I read it, Phill was describing how to adapt 
an XML as object tree implementation to do signatures over
character strings by treating the signed data as an opaque
string. I understood him to be arguing for what you're calling
an "XML as character string" representation. Phil, do I have
you right?

FWIW, I'm extremely uncomfortable with the idea of requiring
full C14N. It moves the trust boundary uncomfortably far away
from the signature module. Doing partial decomposition 
as Phill describes is standard practice in the ASN.1 community
and I don't see why it should be any more difficult in XML. 
If it is, then the problem is bad tool design, IMHO.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
          PureTLS - free SSLv3/TLS software for Java
                http://www.rtfm.com/puretls/
Received on Tuesday, 28 March 2000 02:05:35 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT