Re: Core Validation question

[Note, your message should've been sent to the dsig list, not the xenc 
list, so I'm rerouting my reply.]

On Thursday 18 October 2001 6:58, Výboch, Michal wrote:
> Why the 1. step of core validation is reference validation?
> I think that the first step should be signature validation and if it is
> successed then the reference validation should be calculated.
> Because if reference validation is treated at first and somebody changed
> reference URI the reference validation will access to this changed URI
> and it could bring some security weakness.

As recently discussed on the list [1], step 1 of Reference validation it to 
canonicalize SignedInfo, which mitigates URI rewriting concerns. I believe 
the order of Core Validation (Reference Validation, then Signature 
validation) was editorial, and written to be of the same order as as for 
signature generation. However, I believe implementations could do various 
optimizations. For instance, step 1 of Reference Validation requires the 
SignedInfo to be canonicalized for security purposes. However, that 
canonical form of SignedInfo can be retained for Signature Validation, in 
step 1, "Obtain the keying information from KeyInfo or from an external 
source." and for step 2,  "confirm the SignatureValue over the SignedInfo 
element."

If an implementation didn't care to provide specific information to the 
user about why a signature failed I don't see any problem checking the 
signature first and throwing an error. (I expect signature validation is 
cheaper than reference validation.)

[1] 
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html




-- 
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Thursday, 18 October 2001 10:34:08 UTC