- From: Karel Wouters <Karel.Wouters@esat.kuleuven.ac.be>
- Date: Tue, 2 Apr 2002 16:00:17 +0200 (CEST)
- To: Aleksey Sanin <aleksey@aleksey.com>
- cc: xml-encryption@w3.org
Hi, I think that SignatureMethod in ds:SignedInfo should be present in each signature, because it restricts the attacker: If I leave out SignatureMethod, the attacker might be able to come up with a weaker SignatureMethod, tamper with the references and claim that the signature was produced with this method. RSA with a weak hash algorithm would suffice. (actually, he might produce 'any' signature if the hash function is weak enough) So specifying the SignatureMethod ensures the verifier that this signature is generated with a solid technique. (mailinglist, correct me if I'm wrong) Karel. On Mon, 1 Apr 2002, Aleksey Sanin wrote: > Sorry for mistype, actually Imeant SignatureMethod in XMLDSig: > > A minor issue but probably it's worth to fix it: the EncryptionMethod > in XMLEncryption and SignatureMethod in XMLDSig both have the same meaning: > algorithm selection. However, EncryptionMethod is *optional* element and > SignatureMethod is *required*. From my point of view it is inconsistent. > Either both should be required or both should be optional. I would prefer > the second (both optional) since application can have this > information from the context. > > > Aleksey Sanin <aleksey@aleksey.com> > http://www.aleksey.com/xmlsec > >
Received on Tuesday, 2 April 2002 07:57:22 UTC