W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2021

draft-ietf-httpbis-message-signatures, a closer look

From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 14 Jul 2021 14:03:02 -0700
Message-ID: <CACsn0ck0y_XE8FZimukJ8iz+=HoY++VXozDA2ZGWZKtOSHzG7w@mail.gmail.com>
To: ietf-http-wg@w3.org
Dear all,

I've taken a look at  draft-ietf-httpbis-message-signatures and think
there are some issues and unfortunate limitations, beyond the
algorithm field issue. By canonicalizing the request into a bit string
before signature verification, but not necessarily ensuring
implementation semantics match that canonicalization, all sorts of
problems may ensue.

Applications MUST ensure that headers that change the meaning of other
headers that are signed are included. Otherwise things go badly.
Ideally applications would only look at the signed data, but that
isn't really possible in HTTP.

In cases where signatures are validated by a proxy, but the request is
interpreted by a server, all the usual problems of request smuggling
rear their ugly head. It should be a requirement that requests are
treated with extremely strict RFC compliance ahead of verification.

As far as I could tell post parameters are not covered by a signature,
and thus are vulnerable to modification. Modifying posted form data
could be very problematic. It's fine if out of scope, but feels like
it should be included to be useful, especially given that form data
can interact with URL query parameters.

Watson Ladd

Astra mortemque praestare gradatim
Received on Wednesday, 14 July 2021 21:03:26 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 14 July 2021 21:03:27 UTC