Re: Detached signature of non-sibling elements (?) from Frederick Hirsch on 2014-08-27 (public-xmlsec-comments@w3.org from August 2014)

From: Frederick Hirsch <w3c@fjhirsch.com>
Date: Wed, 27 Aug 2014 09:02:21 -0400
To: helpcrypto helpcrypto <helpcrypto@gmail.com>
Cc: Frederick Hirsch <w3c@fjhirsch.com>, public-xmlsec-comments@w3.org, "public-xmlsec@w3.org List Public" <public-xmlsec@w3.org>
Message-Id: <27810048-1DA3-4E83-8E77-474E4F8AFB90@fjhirsch.com>
I prefer referencing XML Signature 1.1, as it includes numerous updates and clarifications, but it retains the same issue: http://www.w3.org/TR/xmldsig-core1/

If we look an the normative Reference Processing Model section (section 4.4.3.2 http://www.w3.org/TR/xmldsig-core1/#sec-ReferenceProcessingModel ) 
we see no restriction to exactly the sibling (yes you are correct regarding the meaning of sibling).  The sections where the concern is noted (Overview and Definitions) should be considered non-normative, unfortunately when this Rec was produced we had not adopted the approach of marking sections as we would today.

Logically it makes sense to not have the strict sibling interpretation, since if it were the case transforms could be used to reference descendant material in the sibling as a detached reference, but with more complexity and lack of clarity due to the transform. Thus it makes sense to allow siblings or the descendants. My understanding it that this text was merely trying to clarify that a detached same document reference should not be a enveloped or enveloping signature.

Thus I believe an errata is in order. Do others on the list from the WG agree with my interpretation?

 I propose the following two changes:

(1) Change the following text in Section 2, Overview, as follows:

Replace 

[[

Detached signatures are over external network resources or local data objects that reside within the same XML document as sibling elements; in this case, the signature is neither enveloping (signature is parent) nor enveloped (signature is child).

]]

with

[[

Detached signatures are over external network resources or local data objects that reside within the same XML document as sibling elements or the descendants of those sibling elements; in this case, the signature is neither enveloping (signature is parent) nor enveloped (signature is child).

]]

(2) Change the following test in the Definitions section  (section 10) for the definition term “Signature, Detached”:

Change

[[

"This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements.”

]]

to

[[

"This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but the data object is a sibling element to the Signature or descendant of the sibling element."

]]

I will send a formal Call for Consenus (CfC) to the list to record formal agreement before recording the errata item, but first am sending this proposal to solicit feedback.

As far as the Microsoft page is concerned, I see nothing wrong with it. Referencing the sibling is perfectly legal and appropriate, which is what the template shows. I don’t think they need to show all possibilities and I didn’t see a statement restricting usage.

Thanks for noting this issue.

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
@fjhirsch



On Aug 27, 2014, at 2:49 AM, helpcrypto helpcrypto <helpcrypto@gmail.com> wrote:

> Hi Frederick.
> 
> 
> According to your comment, this IS a valid detached signature, isnt it?
> 
> <root>
>     <my-data>
>         <node Id="n"></node>
>     <my-data>
>     <my-sign>
>         <Signature …>
>             …
>             <Reference URI=“#n”> 
>             ...
>         </Signature>
>     </my-sign>
> </root>
> 
> Just to be sure (not miss-translating): sibling are only sister/brother, right?
> 
> As stated in [4], " Detached signatures are over external network resources or local data objects that reside within the same XML document as sibling elements; in this case, the signature is neither enveloping (signature is parent) nor enveloped (signature is child). "
> 
> Also in [2], "The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs. This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements."
> 
> 
> I think both paragraphs induce an error/missunderstanding.
> Hence, I request a correction/errata:
>  -If the sibling part was added on purpose, many signatures "out there" are invalid, but on detached signatures content-data MUST BE siblings. Spec should be much more clear on this.
>  -If the sibling part was accidental, remove the bold/underlined parts and add an errata reference.
> 
> Should I proceed in someway to request this errata be considered officially?
> 
> Thanks a lot for your time and help
> Regards.
> PS: Someone should request Microsoft do the same with [3]...and even not to distinguish between internal/external ;)
> 
> [4] http://www.w3.org/TR/xmldsig-core/#sec-Overview
> 
> 
> 
> 
> On Tue, Aug 26, 2014 at 5:26 PM, Frederick Hirsch <w3c@fjhirsch.com> wrote:
> Sorry, must have missed your earlier email.
> 
> basically you can sign content within the Signature Object element (enveloping signature), sign the content that contains the Signature (enveloped signature) or other content
> (either in the same document but not the previous two cases, or external) as detached signature.
> 
> regarding your example, need to ref via #n, and with appropriate syntax
> 
> <Signature …>
> …
> <Reference URI=“#n”> 
> ...
> </Signature>
> 
> Does this help?
> 
> 
> regards, Frederick
> 
> Frederick Hirsch, Nokia
> @fjhirsch
> 
> 
> 
> On Aug 26, 2014, at 2:27 AM, helpcrypto helpcrypto <helpcrypto@gmail.com> wrote:
> 
>> Ping?
>> 
>> 
>> On Tue, Jul 29, 2014 at 9:30 AM, helpcrypto helpcrypto <helpcrypto@gmail.com> wrote:
>> Hi.
>> 
>> 
>> Altough XMLDSig [1] is quite old, stable and well-known, I havent been able to understand (maybe a translation/missunderstanding issue) the detached signatures properly.
>> 
>> According to [2]:
>> "The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs."
>> 
>> Ok. Detached elements...
>> 
>> 
>> "This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements."
>> 
>> Ok. Signature and object in the same XML doc and siblings.
>> 
>> 
>> As stated in [3] (I't seems the standard doesnt distinguish between internal/external)
>> "the signature and data can be in separate files or in the same XML file as sibling elements"
>> 
>> 
>> Shall I understand the "internally detached" unique valid signature is where signature and data are brothers (or sisters) [have the same parent]?
>> 
>> Is the following example a valid detached signature?
>> <root>
>>     <my-data>
>>         <node Id="n"></node>
>>     <my-data>
>>     <my-sign>
>>         <signature ref="n"></signature>
>>     </my-sign>
>> </root>
>> 
>> Thanks a lot for your help
>> Regards
>> 
>> 
>> [1] http://www.w3.org/TR/xmldsig-core/
>> [2] http://www.w3.org/TR/xmldsig-core/#def-SignatureDetached
>> [3] http://msdn.microsoft.com/en-us/library/ms759193%28v=vs.85%29.aspx
>> 
> 
>
Received on Wednesday, 27 August 2014 13:03:12 UTC