W3C home > Mailing lists > Public > xml-dist-app@w3.org > February 2002

Re: Proposal for resolution of issue 176

From: Rich Salz <rsalz@zolera.com>
Date: Mon, 11 Feb 2002 22:21:31 -0500
Message-ID: <3C688A3B.180E9F4@zolera.com>
To: Christopher Ferris <chris.ferris@sun.com>
CC: Henrik Frystyk Nielsen <henrikn@microsoft.com>, Noah Mendelsohn <noah_mendelsohn@us.ibm.com>, xml-dist-app@w3.org
Chris, your note starts to bring up the subtleties involved in signing
SOAP messages. Since intermediaries can add or remove header elements,
how can I as a sender sign message to be robust in the face of buggy or
malicious intermediaries who might add header elements with the same
QNAME as I originally signed? I think we need to define an ID attribute,
just like soap-enc.  Is there another approach I've missed?

Perhaps more importantly, if intermediate rewrites make it unrealistic
to sign an entire message, but I instead must enumerate the applicable
elements, then I can't use XML C14N (because an adversary might change
namespace decls, as you pointed out), but must instead using exclusive
canonicalization, which just finished Last Call.

Zolera Systems, Securing web services (XML, SOAP, Signatures,
Received on Monday, 11 February 2002 22:40:11 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 22:01:18 UTC