- From: Sean Mullan <Sean.Mullan@Sun.COM>
- Date: Tue, 26 Aug 2008 09:17:26 -0400
- To: cantor.2@osu.edu
- Cc: public-xmlsec@w3.org
It seems like exclusive c14n is only used to avoid namespace leakage issues (since you don't need c14n at all in the simple-sign case). I wonder if a simplified c14n algorithm that just avoided namespace leakage would help. Thanks, Sean Scott Cantor wrote: > I offered to provide some background on this use case. > > First, a basic description of the spec. SAML defines a number of "bindings" > that describe how to send XML messages from one place to another. In the > base standard, the bindings rely on XML Signature for signing messages. The > signatures live inside the XML messages being signed (enveloped signatures). > Exclusive c14n is a major requirement there for all the usual reasons. The > result is that very few languages support the creation or verification of > signed messages. This is a huge problem and most people using such languages > gave up on SAML (if they ever looked at it) as a result. > > To fix this, we took advantage of the reliance on HTTP form post as one of > the main binding "transports", and defined a much simpler mechanism for > signing a message in which the signature is outside the message, and the XML > is signed as literal text. In XMLSig terms, this would be a detached > signature, but: > > - there's no means of referencing the text in an HTML form element so that > the usual detached XML signature Reference sytax would work > > - there's no partcular value in representing the signature itself as XML > anyway > > So, the algorithm identifier (which is copied from XML Signature for > convenience) is concatenated with the XML (as a string) to produce the input > to the digest, and the signature value and the algorithm are passed as > separate form elements. > > Abstracting out the requirements, I would say the following: > > The Signature need not be inside the document (detached). > > The message transmission medium allows for the message and the signature > (and algorithm, etc.) to be packaged together. In this particular use case, > the medium is an HTML form with the browser being manipulated to submit it, > which precludes S/MIME. > > Creating and verifying the signature don't require XML processing, let alone > c14n or transforms, so any language able to handle the cryptography can be > used. > > As I said in another thread, I'm inclined to view this as a special case in > which S/MIME would probably be the right solution but isn't usable in this > particular situation. > > -- Scott > > >
Received on Tuesday, 26 August 2008 13:18:07 UTC