RE: [widgets] Digsig optimization

Sorry for the delayed reply - I agree with Frederick's comments and
would like to go further and suggest we add a note on how
"implementations could be smart". Might be worth doing from a security
point as well, as there could be ways of being smart that aren't so smart,
if you get what I mean...



>-----Original Message-----
>From: Frederick Hirsch [] 
>Sent: 27 February 2009 13:19
>Cc: Frederick Hirsch; WG; Priestley, Mark, VF-Group
>Subject: Re: [widgets] Digsig optimization
>Yes, logically there would be two self contained signatures 
>with references to every file in the package.
>Again Policy indicates which signatures must be verified. What 
>does the packaging spec currently say? To date it has been one 
>distributor spec that must be verified. We should be clearer 
>on this - I think this goes with the changes we make regarding 
>filename sorting and processing.
>However if both are to be verified, and if the algorithms are 
>the same (which is currently the case given one hash algorithm 
>in widget signatures) an implementation could be smart and 
>calculate the reference hashes once, eliminating that overhead 
>if it were a concern.
>regards, Frederick
>Frederick Hirsch
>On Feb 27, 2009, at 6:48 AM, ext Marcos Caceres wrote:
>> Hi Frederick, Mark,
>> I have a concern wrt the author signature. It seems that both the 
>> author signature and the distributor signature need to sign every 
>> file in the package. Does this mean that, to verify a package, you 
>> would need to effectively verify everything in the package twice? Or 
>> is verification of the author signature optional?
>> Kind regards,
>> Marcos
>> --
>> Marcos Caceres

Received on Thursday, 12 March 2009 15:36:27 UTC
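
The "calculate the reference hashes once" idea discussed in this thread, as an added Python example that is not code from the thread or from the widgets specification: file digests are cached per (algorithm, path), while each signature's reference list is still checked on its own for mismatches and for files it fails to cover. The names `DigestCache`, `check_references` and `verify_both` and the sample package are assumptions made for illustration, and checking each signature's value over its SignedInfo is outside this sketch.

```python
import hashlib
import hmac

# Digest algorithm URIs from XML Signature / XML Encryption mapped to hashlib.
ALGORITHMS = {
    "http://www.w3.org/2000/09/xmldsig#sha1": hashlib.sha1,
    "http://www.w3.org/2001/04/xmlenc#sha256": hashlib.sha256,
}

class DigestCache:
    """Hashes each package file at most once per digest algorithm."""
    def __init__(self, files):
        self._files = files      # path -> bytes actually read from the package
        self._digests = {}       # (algorithm URI, path) -> digest bytes
        self.computed = 0        # number of real hash computations performed

    def digest(self, algorithm, path):
        key = (algorithm, path)  # a SHA-1 value must never answer a SHA-256 reference
        if key not in self._digests:
            self._digests[key] = ALGORITHMS[algorithm](self._files[path]).digest()
            self.computed += 1
        return self._digests[key]

def check_references(references, files, cache):
    """Return the problems found in one signature's (path, algorithm, expected) list."""
    problems, seen = [], set()
    for path, algorithm, expected in references:
        seen.add(path)
        if path not in files or algorithm not in ALGORITHMS:
            problems.append(f"unusable reference: {path}")
        elif not hmac.compare_digest(cache.digest(algorithm, path), expected):
            problems.append(f"digest mismatch: {path}")
    # The cache saves hashing only; each signature must still cover every file itself.
    problems += [f"unreferenced file: {p}" for p in sorted(set(files) - seen)]
    return problems

def verify_both(author_refs, distributor_refs, files):
    """Check both reference lists against one shared cache; return (problems, hash count)."""
    cache = DigestCache(files)
    result = {"author": check_references(author_refs, files, cache),
              "distributor": check_references(distributor_refs, files, cache)}
    return result, cache.computed

# Constructed sample package and reference list (not taken from the thread).
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
FILES = {"config.xml": b"<widget/>", "index.html": b"<html></html>"}
GOOD_REFS = [(p, SHA256, hashlib.sha256(d).digest()) for p, d in FILES.items()]
```

With both signatures referencing the same two files, `verify_both` performs two hash computations instead of four, yet a reference missing from one signature is still reported against that signature alone.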