Single Key in Originator Information

Joseph,

In your example from April 13 you have two keys represented using <rdf:Alt>:

       <!-- The originator info and his keys -->
       <dsig:OriginatorInfo rdf:resource="http://w3.org/Reagle/">
         <dsig:keys>
           <rdf:Alt>
             <rdf:li rdf:parseType="Resource">
               <dsig:key ID="X509" type="http://iso.org/x509"
                         value="...308201F0308201B002010..."/>
             </rdf:li>
             <rdf:li rdf:parseType="Resource">
               <dsig:key ID="PGP" type="http://pgp.com/pgp"
                         value="...F3082010308201B002010..."/>
             </rdf:li>
           </rdf:Alt>
         </dsig:keys>
       </dsig:OriginatorInfo>

The first key is carried within an X.509 certificate.  The second key is
carried in a PGP certificate.  I assume that you intend in this example for
both certificates to carry the same public key.

Evaluation of this signature will result in an ambiguous result.  The
validation processing for X.509 is very different from PGP.  It is possible
for one certificate to be revoked and the signature invalid and the second
certificate to be valid.

Even if both alternatives were in the same format, the associated
attributes would be different (or else they would be the same certificate).
Any variations in the certificate in name, validity period, key usage
restrictions, or other attributes will affect the interpretation of the
signature.  Allowing multiple alternatives for a key will create
scenarios with ambiguous signature interpretations.

This example illustrates that a signing entity is more than just the
public key.  The validation processing of a digital signature must
consider all of the originator information carried with the public key.
We should include only one starting point for this validation process.

So, I propose that:
 XML digital signatures must carry only a single originator key or
certificate.


Paul

Received on Wednesday, 21 April 1999 16:38:54 UTC
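The ambiguity Paul describes, worked through in code.  This is an added example and not part of the original message or of any W3C draft: it parses the rdf:Alt fragment quoted above (with namespace declarations added so a parser will accept it; the dsig namespace URI is an assumed placeholder), runs each alternative through a validator backed by a constructed trust store in which both certificates wrap the same public key but one is revoked, and then applies the single-key rule the message proposes.  The certificate records, subjects, dates and key values are all constructed for illustration.

```python
"""Added example: evaluating a signature whose originator info offers
alternative keys (rdf:Alt), and the single-key rule proposed in the message.
Namespace URIs, trust-store records and dates are constructed assumptions."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import date

RDF_NS = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
DSIG_NS = "urn:example:dsig"  # assumed placeholder for the dsig: prefix

# The fragment from the message, wrapped in rdf:RDF with namespace
# declarations added. Key values are the truncated placeholders from the
# message and are never used cryptographically here.
ORIGINATOR_XML = f"""
<rdf:RDF xmlns:rdf="{RDF_NS}" xmlns:dsig="{DSIG_NS}">
  <dsig:OriginatorInfo rdf:resource="http://w3.org/Reagle/">
    <dsig:keys>
      <rdf:Alt>
        <rdf:li rdf:parseType="Resource">
          <dsig:key ID="X509" type="http://iso.org/x509" value="...308201F0308201B002010..."/>
        </rdf:li>
        <rdf:li rdf:parseType="Resource">
          <dsig:key ID="PGP" type="http://pgp.com/pgp" value="...F3082010308201B002010..."/>
        </rdf:li>
      </rdf:Alt>
    </dsig:keys>
  </dsig:OriginatorInfo>
</rdf:RDF>
"""

# Date on which the signature is being evaluated (constructed).
SIGNING_DATE = date(1999, 4, 21)


@dataclass(frozen=True)
class CertRecord:
    """What a validator knows about a certificate beyond the bare public key."""
    public_key: str
    subject: str
    not_before: date
    not_after: date
    revoked: bool


# Constructed trust state: both certificates carry the same public key ("pk-A")
# but differ in subject, validity period and revocation status, which is the
# situation the message argues makes rdf:Alt ambiguous.
TRUST_STATE = {
    "X509": CertRecord("pk-A", "CN=Joseph Reagle", date(1998, 1, 1), date(2000, 1, 1), revoked=True),
    "PGP": CertRecord("pk-A", "Joseph Reagle (PGP)", date(1999, 3, 1), date(2001, 3, 1), revoked=False),
}


def parse_originator_keys(xml_text: str) -> list:
    """Return the attribute dicts of every dsig:key in document order."""
    root = ET.fromstring(xml_text)
    return [dict(el.attrib) for el in root.iter(f"{{{DSIG_NS}}}key")]


def validate_certificate(key_id: str, on: date) -> tuple:
    """Validate one alternative against the trust store: (ok, reason)."""
    rec = TRUST_STATE.get(key_id)
    if rec is None:
        return False, "unknown certificate"
    if rec.revoked:
        return False, "certificate revoked"
    if not (rec.not_before <= on <= rec.not_after):
        return False, "outside validity period"
    return True, f"valid for subject {rec.subject!r}"


def evaluate_alternatives(keys: list, on: date) -> tuple:
    """Validate every rdf:Alt member; ambiguous when the verdicts disagree."""
    verdicts = {k["ID"]: validate_certificate(k["ID"], on) for k in keys}
    outcomes = {ok for ok, _ in verdicts.values()}
    return verdicts, len(outcomes) > 1


def select_single_originator_key(keys: list) -> dict:
    """The proposed rule: exactly one originator key or certificate, else reject."""
    if len(keys) != 1:
        raise ValueError(f"expected exactly one originator key, found {len(keys)}")
    return keys[0]


if __name__ == "__main__":
    keys = parse_originator_keys(ORIGINATOR_XML)
    verdicts, ambiguous = evaluate_alternatives(keys, SIGNING_DATE)
    for kid, (ok, why) in verdicts.items():
        print(f"{kid}: {'VALID' if ok else 'INVALID'} ({why})")
    print("ambiguous:", ambiguous)
    try:
        select_single_originator_key(keys)
    except ValueError as err:
        print("single-key rule:", err)
```

With the constructed trust state the X.509 alternative fails (revoked) while the PGP alternative passes, so a verifier that picks "any valid member of the Alt" and one that picks "the first member" reach opposite conclusions about the same signature; the single-key rule makes the starting point of validation unambiguous by refusing the fragment outright.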