W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2002

Re: URI Or Not?

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Fri, 17 May 2002 19:29:28 +0200
To: John Messing <jmessing@law-on-line.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <42892496.1021663767@crypto>
Hi John,

--On Freitag, 17. Mai 2002 07:16 -0700 John Messing 
<jmessing@law-on-line.com> wrote:

> I find this thread to be very useful but it raises questions to me about
> the ultimate usefulness of xml dsig for signing objects.
> Because the spec is based upon signing references that are described in
> xml, even if no other xml is being signed and no other transforms may be
> necessary, the method requires cannonicalization, as Manoj's example
> demonstrates, which according to the interoperability results, degrades
> performance. (Even at the best reported result from John Boyer of .5
> second to sign, this seems acceptable only for atomic transactions and
> probably will not be acceptable for high traffic server transactions).

I guess there is a little misunderstanding: There are two scenarios which 
are mixed here:

1: Your scenario (if I understood right) is to sign an arbitrary binary 

2: John's scenario with the 500 milli-seconds computation time refer to 
signing a large XML instance with complicated transforms.

The time it takes to create (or verify) an XML signature is composed of 

a) the time to fetch the resource which is identified by the reference.

   1: In your case, this is easy: A binary file on the hard
      disk. Read access. Same time for ALL signature
      applications, regardless whether you use XML Signature,
      PGP or S/MIME
   2: If John identifies a node set via same-document URI, this takes
      longer: eventually, the XML must be parsed, and the nodes must be

b) the time to mangle the de-referenced contents through eventually
   existing transforms:

   1: No transform in your example, so time=zero. This is the case
      also for PGP or S/MIME because they do not support the transforms
   2: Complicated transform in John's case. Time REQUIRED <= 500ms

c) the time to canonicalize the signed info:

   1: THIS is where PGP or S/MIME is maybe a little bit faster, because
      the digest of the signed resource is used as input for the public
      key algo.
   2: Time depends on how many references the SignedInfo contains, but
      my guess is about 1 milli-second or so.

d) the time for the signature or MAC algo

   1/2: same time as for PGP/S/MIME, because they also use RSA/DSA/ECDSA.

So you see, creating an S/MIME or PGP signature on a binary file takes the 
same time as creating an XML Signature (one reference, no transforms, same 
public-key-algo as the S/MIME-PGP-thing).

Received on Friday, 17 May 2002 13:24:33 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:37 UTC