- From: John Cowan <cowan@locke.ccil.org>
- Date: Fri, 7 Jul 2000 22:29:30 -0400 (EDT)
- To: tgindin@us.ibm.com
- cc: "Joseph M. Reagle Jr." <reagle@w3.org>, "Martin J. Duerst" <duerst@w3.org>, w3c-ietf-xmldsig@w3.org, John Boyer <jboyer@PureEdge.com>
On Fri, 7 Jul 2000 tgindin@us.ibm.com wrote:

> In short, normalizing prior to digesting AVOIDS allowing
> inconsequential changes to change the digest. If I have misunderstood the
> point of the section cited, I'm sure someone will correct me.

Your scenario is correct as far as it goes. But consider a signed document that contains an element or attribute named "autorisation_de_découvert" ("credit limit"). A forged version of the document that contained the name "autorization_de_de'couvert" (where ' = COMBINING ACUTE) would pass a normalization + signature check. However, the document processor might well fail to recognize it as having the semantics of "credit limit" and treat it as unknown and to be ignored. Bad news: the forger now appears to have unlimited credit!

-- 
John Cowan cowan@ccil.org
C'est la` pourtant que se livre le sens du dire, de ce que, s'y conjuguant
le nyania qui bruit des sexes en compagnie, il supplee a ce qu'entre eux,
de rapport nyait pas. -- Jacques Lacan, "L'Etourdit"
Received on Friday, 7 July 2000 21:52:48 UTC
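The mismatch Cowan describes, as an added illustration that is not part of the original message or of the XML Signature work it discusses: the two names below are constructed, and the example assumes they differ only in how the "é" is encoded (precomposed U+00E9 versus "e" plus U+0301). A digest taken over NFC-normalized text is identical for both forms, so a "normalize then digest" signature check accepts the substituted form, while a processor that matches element names code point by code point no longer recognizes it. The last two functions show the two defensive options: have the processor apply the same normalization the verifier used, or reject input that is not already normalized before signing or verifying.

```python
import hashlib
import unicodedata

# Constructed sample names for this illustration (not taken from any real document).
# Both spell the same French word; they differ only in how the "é" is encoded.
ORIGINAL = "autorisation_de_d\u00e9couvert"    # precomposed é, U+00E9
FORGED = "autorisation_de_de\u0301couvert"      # "e" followed by U+0301 COMBINING ACUTE ACCENT

# Hypothetical application vocabulary: the element names this processor understands.
KNOWN_ELEMENTS = {ORIGINAL: "credit_limit"}


def digest_raw(text: str) -> str:
    """SHA-256 over the UTF-8 bytes exactly as they appear in the document."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def digest_normalized(text: str) -> str:
    """SHA-256 over NFC-normalized text: models 'normalize, then digest'."""
    normalized = unicodedata.normalize("NFC", text)
    return hashlib.sha256(normalized.encode("utf-8")).hexdigest()


def interpret(name: str) -> str:
    """A processor that matches names code point by code point, without normalizing."""
    return KNOWN_ELEMENTS.get(name, "ignored")


def interpret_normalized(name: str) -> str:
    """The same processor, but applying the NFC step the signature check also used."""
    return KNOWN_ELEMENTS.get(unicodedata.normalize("NFC", name), "ignored")


def is_nfc(text: str) -> bool:
    """Early-normalization check: accept only input that is already in NFC."""
    return unicodedata.normalize("NFC", text) == text


if __name__ == "__main__":
    print("raw digests equal:        ", digest_raw(ORIGINAL) == digest_raw(FORGED))
    print("normalized digests equal: ", digest_normalized(ORIGINAL) == digest_normalized(FORGED))
    print("processor sees original as:", interpret(ORIGINAL))
    print("processor sees forged as:  ", interpret(FORGED))
    print("normalizing processor sees forged as:", interpret_normalized(FORGED))
    print("forged form is already NFC:", is_nfc(FORGED))
```

Whichever option is chosen, the point is that the signature verifier and the consuming application must agree on the form of the text they compare; normalizing in one place but not the other is what opens the gap.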