RE: [widgets] Digsig optimization

Sorry for the delayed reply - I agree with Frederick's comments and
would like to go further and suggest we add a note on how
"implementations could be smart". Might be worth doing from a security
point as well as there could be ways of being smart that aren't so smart
if you get what I mean...

Thanks,

Mark 

>-----Original Message-----
>From: Frederick Hirsch [mailto:Frederick.Hirsch@nokia.com] 
>Sent: 27 February 2009 13:19
>To: marcosc@opera.com
>Cc: Frederick Hirsch; public-webapps@w3.org WG; Priestley, Mark, VF-Group
>Subject: Re: [widgets] Digsig optimization
>
>Marcos
>
>Yes, logically there would be two self contained signatures 
>with references to every file in the package.
>
>Again Policy indicates which signatures must be verified. What 
>does the packaging spec currently say? To date it has been one 
>distributor spec that must be verified. We should be clearer 
>on this - I think this goes with the changes we make regarding 
>filename sorting and processing.
>
>However if both are to be verified, and if the algorithms are 
>the same (which is currently the case given one hash algorithm 
>in widget signatures) an implementation could be smart and 
>calculate the reference hashes once, eliminating that overhead 
>if it were a concern.
>
>regards, Frederick
>
>Frederick Hirsch
>Nokia
>
>
>
>On Feb 27, 2009, at 6:48 AM, ext Marcos Caceres wrote:
>
>> Hi Frederick, Mark,
>> I have a concern wrt the author signature. It seems that both the 
>> author signature and the distributor signature need to sign every 
>> file in the package. Does this mean that, to verify a package, you 
>> would need to effectively verify everything in the package twice? Or 
>> is verification of the author signature optional?
>>
>> Kind regards,
>> Marcos
>>
>>
>> --
>> Marcos Caceres
>> http://datadriven.com.au
>
>

Received on Thursday, 12 March 2009 15:36:27 UTC
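
The "calculate the reference hashes once" idea from the thread, as an added example that is not code from any participant or from the widgets specification: each file is hashed once into a cache keyed by path and algorithm, the cache only ever holds digests computed from the package bytes, and each signature's reference list is still checked on its own against it. Assumptions: all names are hypothetical, SHA-256 stands in for the single digest algorithm, reference lists are given as dictionaries rather than parsed from the signature XML, and validation of the signature value over those references is not shown.

```python
import hashlib

ALLOWED = {"sha256"}  # assumption: the single digest algorithm both signatures use

class DigestCache:
    """Hashes each package file at most once per digest algorithm."""
    def __init__(self, files):
        self.files = files    # path -> bytes as read from the package
        self.cache = {}       # (path, algorithm) -> hex digest of those bytes
        self.computed = 0     # how many hashes were actually calculated

    def digest(self, path, algorithm):
        key = (path, algorithm)  # keyed by algorithm too, not by path alone
        if key not in self.cache:
            self.cache[key] = hashlib.new(algorithm, self.files[path]).hexdigest()
            self.computed += 1
        return self.cache[key]

def check_references(references, cache):
    """references: path -> (algorithm, expected hex digest) from ONE signature.
    Returns a list of problems; empty means every file is referenced and matches."""
    problems = [f"unreferenced file: {p}" for p in cache.files if p not in references]
    for path, (algorithm, expected) in references.items():
        if algorithm not in ALLOWED:
            problems.append(f"unsupported algorithm: {path}")
        elif path not in cache.files:
            problems.append(f"missing file: {path}")
        elif cache.digest(path, algorithm) != expected:
            problems.append(f"digest mismatch: {path}")
    return problems

def verify_both(files, author_refs, distributor_refs):
    """Checks each signature's references on its own against one shared cache."""
    cache = DigestCache(files)
    author = check_references(author_refs, cache)
    distributor = check_references(distributor_refs, cache)
    return author, distributor, cache.computed

# Constructed sample package (signature files themselves left out for brevity)
PACKAGE = {"config.xml": b"<widget/>", "index.html": b"<html></html>"}
AUTHOR_REFS = {p: ("sha256", hashlib.sha256(d).hexdigest()) for p, d in PACKAGE.items()}
DISTRIBUTOR_REFS = dict(AUTHOR_REFS)

if __name__ == "__main__":
    print(verify_both(PACKAGE, AUTHOR_REFS, DISTRIBUTOR_REFS))
```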