- From: Chris Boscolo <chris@boscolo.net>
- Date: Thu, 1 Nov 2018 23:28:30 -0700
- To: Dave Longley <dlongley@digitalbazaar.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Received on Friday, 2 November 2018 06:29:03 UTC
On Thu, Nov 1, 2018 at 8:51 AM Dave Longley <dlongley@digitalbazaar.com> wrote:

> On 10/29/2018 06:20 PM, Chris Boscolo wrote:
> > IMO, it just seems unsafe to allow data that has been signed to be
> > modified in any way and still produce the same signature.
>
> Could you give a concrete example for how this is related to
> canonicalization? This sounds like a general problem with any signature
> system -- and I think we all would agree that different data should hash
> differently and produce different signatures.

To be clear, that particular comment isn't criticizing that canonicalization needs to be done, it is criticizing that it needs to be done prior to verifying the signature. It was in response to Manu's comment that the JSON can be modified with whitespace after it has been signed.

I don't want to overstate this, I'm not suggesting that this is a fatal flaw. I just think it is a poor security architecture to allow the data that has been signed to be modified after signing and require the receiver of the data to run it through a canonicalization process prior to verifying the signature. It opens a door to exploits of the canonicalization process by a man-in-the-middle.

-chrisb
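The two verification models contrasted in the message above, as an added example that is not part of the original e-mail or of any project discussed on the list. Assumptions: HMAC-SHA256 stands in for a public-key signature, `canonicalize` is a simplified sorted-key JSON form rather than the canonicalization algorithm under discussion, and all names and sample documents are constructed.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: HMAC stands in for a real signature


def canonicalize(raw: bytes) -> bytes:
    """Simplified canonical form: sorted keys, no insignificant whitespace."""
    def no_dups(pairs):
        # Duplicate keys are ambiguous (parsers disagree on which value wins),
        # so strict parsing rejects them instead of normalising them away.
        keys = [k for k, _ in pairs]
        if len(keys) != len(set(keys)):
            raise ValueError("duplicate key in signed JSON")
        return dict(pairs)
    obj = json.loads(raw.decode("utf-8"), object_pairs_hook=no_dups)
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def sign_bytes(raw: bytes) -> bytes:
    """Model A: the tag covers the exact bytes that are transmitted."""
    return hmac.new(KEY, raw, hashlib.sha256).digest()


def verify_bytes(raw: bytes, tag: bytes) -> bool:
    # No parsing happens before the integrity check.
    return hmac.compare_digest(sign_bytes(raw), tag)


def sign_canonical(raw: bytes) -> bytes:
    """Model B: the tag covers the canonical form, not the transmitted bytes."""
    return sign_bytes(canonicalize(raw))


def verify_canonical(raw: bytes, tag: bytes) -> bool:
    # The receiver must parse unauthenticated input before it can check the tag.
    try:
        return hmac.compare_digest(sign_canonical(raw), tag)
    except (ValueError, UnicodeDecodeError):
        return False


# Constructed sample documents
SIGNED = b'{"id":"did:example:123","name":"Alice"}'
RESPACED = b'{ "name": "Alice",\n  "id": "did:example:123" }'
CHANGED = b'{"id":"did:example:123","name":"Bob"}'
AMBIGUOUS = b'{"id":"did:example:123","name":"Bob","name":"Alice"}'
```

In model A any byte change after signing fails verification; in model B the re-spaced document still verifies, so the parser and canonicalizer run on unauthenticated input and have to be strict.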