
Canonicalization of <SignedInfo> for Reference Validation

From: Dournaee, Blake <bdournaee@rsasecurity.com>
Date: Thu, 5 Jul 2001 11:10:20 -0700
Message-ID: <E7B6CB80230AD31185AD0008C7EBC4D2DAEEEA@exrsa01.rsa.com>
To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>
Cc: "Dsig (E-mail)" <w3c-ietf-xmldsig@w3.org>
Hello All,

I've been thinking about Section 3.2.1: Reference Validation and am not
quite convinced that there is a real security reason for canonicalizing
<SignedInfo> for Reference Validation. 

It is obvious to me that we need to canonicalize <SignedInfo> for Signature
Validation to work properly, but is it really necessary for Reference
Validation? Couldn't the canonicalization step be moved to the Signature
Validation step, at a performance saving to those applications that are only
going to be relying on Reference Validation? (People shouldn't do this, but
I reckon that they will.)

It seems to me that the only benefit that canonicalization has for Reference
Validation is to enable the XML to be parsed easily (?) - and I'm not sure
this is really necessary anyhow; any permissible syntactic changes that are
removed during canonicalization wouldn't affect signature validity anyhow,
and an attacker wanting to break Reference Validation could do it by
changing element content.

Is there something that I am missing here?

Kind Regards,

Blake Dournaee
Toolkit Applications Engineer
RSA Security

"The only thing I know is that I know nothing" - Socrates

Received on Thursday, 5 July 2001 14:10:38 UTC
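The two steps the post contrasts, as an added example that is not part of the original message and is not code from any XML-DSig toolkit. It signs a small <SignedInfo>, re-serialises it with only infoset-preserving changes (attribute order, quoting, whitespace inside tags, an expanded empty element), and then runs Reference Validation on the received bytes without canonicalizing them and Signature Validation both with and without canonicalization. Assumptions: Python 3.8+ standard library only; HMAC-SHA256 with a constructed shared key stands in for a public-key SignatureMethod; the stdlib's Canonical XML 2.0 implementation stands in for the Canonical XML 1.0 algorithm named in the CanonicalizationMethod; the referenced object, its URI, the Reference Id and the key are all constructed for the demo.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET  # ET.canonicalize() needs Python 3.8+

DS = "http://www.w3.org/2000/09/xmldsig#"
KEY = b"constructed-demo-key"  # assumption: HMAC stands in for a public-key signature

# Constructed sample: a detached object the Reference points at, keyed by URI.
# A real verifier would dereference the URI and apply the listed Transforms first.
REFERENCED_OBJECTS = {
    "#order42": b'<Order Id="order42"><Item sku="A1" qty="3"/></Order>',
}


def digest_b64(data: bytes) -> str:
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def build_signed_info(objects: dict) -> bytes:
    """Serialise <SignedInfo> as a signer might: fixed attribute order, no extra whitespace."""
    refs = "".join(
        f'<Reference Id="r{i}" URI="{uri}">'
        f'<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>'
        f"<DigestValue>{digest_b64(data)}</DigestValue>"
        f"</Reference>"
        for i, (uri, data) in enumerate(objects.items(), start=1)
    )
    return (
        f'<SignedInfo xmlns="{DS}">'
        f'<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>'
        f'<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>'
        f"{refs}</SignedInfo>"
    ).encode()


def c14n(xml_bytes: bytes) -> bytes:
    # Canonical XML 2.0 from the stdlib; like C14N 1.0 it fixes attribute order and
    # quoting, collapses whitespace inside tags and expands empty-element tags.
    return ET.canonicalize(xml_data=xml_bytes.decode()).encode()


def sign(signed_info: bytes) -> str:
    """Signer side: the signature is computed over the canonical form of SignedInfo."""
    return base64.b64encode(hmac.new(KEY, c14n(signed_info), hashlib.sha256).digest()).decode()


def reserialize(signed_info: bytes) -> bytes:
    """Constructed 'in transit' rewrite: same infoset, different bytes."""
    s = signed_info.decode()
    s = s.replace('<Reference Id="r1" URI="#order42">',
                  "<Reference   URI='#order42'\n           Id=\"r1\">")
    s = s.replace('#sha256"/>', '#sha256"></DigestMethod>')
    return s.encode()


def reference_validation(signed_info: bytes, objects: dict) -> bool:
    """Section 3.2.1 mechanics: recompute each Reference's digest and compare with
    its DigestValue. SignedInfo is parsed as received, with no canonicalization."""
    root = ET.fromstring(signed_info)
    refs = root.findall(f"{{{DS}}}Reference")
    if not refs:
        return False
    for ref in refs:
        uri = ref.get("URI")
        if uri not in objects:
            return False
        stored = (ref.findtext(f"{{{DS}}}DigestValue") or "").encode()
        if not hmac.compare_digest(stored, digest_b64(objects[uri]).encode()):
            return False
    return True


def signature_validation(signed_info: bytes, sig_b64: str, canonicalize: bool) -> bool:
    """Signature check over SignedInfo, either on the raw received bytes or on its canonical form."""
    data = c14n(signed_info) if canonicalize else signed_info
    expected = hmac.new(KEY, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, base64.b64decode(sig_b64))


def run_demo() -> dict:
    original = build_signed_info(REFERENCED_OBJECTS)
    sig = sign(original)
    received = reserialize(original)
    tampered = {"#order42": REFERENCED_OBJECTS["#order42"].replace(b'qty="3"', b'qty="30"')}
    return {
        "raw_bytes_differ": received != original,
        "canonical_forms_equal": c14n(received) == c14n(original),
        "reference_ok_without_c14n": reference_validation(received, REFERENCED_OBJECTS),
        "reference_detects_content_change": not reference_validation(received, tampered),
        "signature_ok_raw_bytes": signature_validation(received, sig, canonicalize=False),
        "signature_ok_canonical": signature_validation(received, sig, canonicalize=True),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result}")
```

Run stand-alone, the demo shows the post's mechanical point: the digest comparison in Reference Validation is unaffected by how SignedInfo was serialised, and still catches a change to the referenced content, whereas Signature Validation over the raw bytes fails after the same harmless rewrite and only succeeds once the verifier canonicalizes. It deliberately parses SignedInfo in isolation; the situation the specification's ordering is concerned with, a SignedInfo sitting inside a larger document whose namespace and entity context it inherits, is not modelled here, so the example illustrates the question rather than settling it.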
