
Re: X509 data element

From: Rich Salz <rsalz@datapower.com>
Date: Tue, 04 Feb 2003 10:08:10 -0500
Message-ID: <3E3FD75A.4010401@datapower.com>
To: Joseph Swaminathan <jswamina@cisco.com>
CC: w3c-ietf-xmldsig@w3.org

>      Since the signature value on the signature node only covers the
> SignedInfo element, the individual X.509 elements present in the
> KeyInfo are not signed at all. In that case, how can these values be
> trusted, unless they are cross-verified with the X.509 certificate?

Right, you don't trust them.  You either use the info as lookup keys 
into your own set of keys/certs that you do trust, or you use the cert, 
etc., information in the signature, and validate it up to a trust anchor 
(CA) that you do trust.

If you just naively accept whatever credentials are in the certificate, 
then all you can do is *verify the signature.*  The process of 
determining if you trust the identity of the signer is often called 
*validating the credentials.*

Both things must happen.  XMLDSIG defines the semantics of verification; 
validation is a local policy and implementation issue.

	/r$
Received on Tuesday, 4 February 2003 10:08:11 GMT
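The first option Rich describes, using the unsigned X509Data only as a lookup key into a set of certificates you already trust, as an added Python example that is not from the original thread or from any XMLDSIG implementation. The `trust_store` layout, the placeholder certificate bytes and the sample `Signature` skeleton are constructed assumptions; canonicalizing SignedInfo and checking SignatureValue with the certificate this returns is left to the caller's XMLDSIG library, so a KeyInfo that names nothing in the local store is rejected before any cryptographic verification runs.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"

class UntrustedKeyInfo(Exception):
    """KeyInfo named nothing the verifier already trusts."""

def resolve_trusted_cert(signature_xml: str, trust_store: dict) -> bytes:
    """Map the unsigned X509Data hints onto the verifier's OWN trust_store.
    trust_store (hypothetical layout) maps ("issuer-serial", name, serial)
    or ("sha256", hex_fingerprint) to pinned DER bytes; the bytes returned
    always come from that table, never from the message itself."""
    root = ET.fromstring(signature_xml)
    key_info = root.find(f"{DS}KeyInfo")
    if key_info is None:
        raise UntrustedKeyInfo("no KeyInfo element")
    for x509 in key_info.findall(f"{DS}X509Data"):
        iss = x509.find(f"{DS}X509IssuerSerial")
        if iss is not None:
            name = (iss.findtext(f"{DS}X509IssuerName") or "").strip()
            serial = (iss.findtext(f"{DS}X509SerialNumber") or "").strip()
            der = trust_store.get(("issuer-serial", name, serial))
            if der is not None:
                return der
        for cert in x509.findall(f"{DS}X509Certificate"):
            # An embedded certificate counts only if it is byte-identical to a pinned one.
            der = base64.b64decode("".join((cert.text or "").split()))
            pinned = trust_store.get(("sha256", hashlib.sha256(der).hexdigest()))
            if pinned == der:
                return pinned
    raise UntrustedKeyInfo("KeyInfo names no trusted certificate")

# Constructed sample data: a placeholder stands in for a real DER certificate.
PINNED_DER = b"constructed-placeholder-not-a-real-DER-certificate"
TRUST_STORE = {
    ("issuer-serial", "CN=Example CA", "1234"): PINNED_DER,
    ("sha256", hashlib.sha256(PINNED_DER).hexdigest()): PINNED_DER,
}

def sample_signature(issuer: str, serial: str) -> str:
    """Constructed ds:Signature skeleton whose KeyInfo carries only an X509IssuerSerial."""
    return (
        '<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo/>'
        "<SignatureValue>AAAA</SignatureValue><KeyInfo><X509Data><X509IssuerSerial>"
        f"<X509IssuerName>{issuer}</X509IssuerName><X509SerialNumber>{serial}"
        "</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature>"
    )
```

A signature whose KeyInfo points at a certificate the store knows yields that pinned copy; one naming an unknown issuer/serial, or embedding a certificate that is not pinned, raises before the caller ever touches SignatureValue.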
