[ACTION-74] Re: Reminder: WG actions needed on Best Practices before publication from Konrad Lanz on 2008-10-07 (public-xmlsec@w3.org from October 2008)

From: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
Date: Tue, 07 Oct 2008 17:39:54 +0200
To: Sean Mullan <Sean.Mullan@Sun.COM>, XMLSec WG Public List <public-xmlsec@w3.org>
CC: Pratik Datta <pratik.datta@oracle.com>, "Hirsch Frederick (Nokia-OCTO/Boston)" <frederick.hirsch@nokia.com>
Message-ID: <48EB82CA.4050403@iaik.tugraz.at>

Sean,

Sean Mullan wrote:
> But RetrievalMethod is not one of the valid KeyInfo types that 
> RetrievalMethod can refer to (see section 4.4):

the point I was making in our last telco was that RetrievalMethod *is*
potentially recursive just as Pratik mentions, especially as the Type
attribute is optional and is hence not necessarily constraining as Sean
mentions.

Konrad

>From our minutes, ...

>> klanz2: I thought RetrievalMethod *is* recursive?
>>
>> <fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0054.html
>>
>> fjh: deferred
>> [...]
>> <klanz2> name="Type" type="anyURI" use="optional"


http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod :
>    <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> 
>    <complexType name="RetrievalMethodType">
>      <sequence>
>        <element ref="ds:Transforms" minOccurs="0"/> 
>      </sequence>  
>      <attribute name="URI" type="anyURI"/>
>      <attribute name="Type" type="anyURI" use="optional"/>
>    </complexType>
>   


> Pratik Datta wrote:
>   
>> There is some ambiguity around the "RetrievalMethod"
>>
>> The spec says that
>>
>> "The result of dereferencing a |RetrievalMethod| |Reference <#sec-URI>| 
>> for all |KeyInfo| types defined by this specification <#sec-KeyInfo> 
>> (section 4.4) with a corresponding XML structure is an XML element or 
>> document with that element as the root"
>>
>> My interpretation is that a RetrievalMethod can point to a KeyInfo type, 
>> and one of the KeyInfo types is RetrievalMethod.  So doesn't this imply 
>> reference chaining? Because effectively a RetrievalMethod is pointing to 
>> another RetrievalMethod , which can point to yet another one and so on.
>>     
>
> But RetrievalMethod is not one of the valid KeyInfo types that 
> RetrievalMethod can refer to (see section 4.4):
>
> The following list summarizes the KeyInfo types that are allocated an 
> identifier in the &dsig;  namespace; these can be used within the 
> RetrievalMethod Type attribute to describe a remote KeyInfo structure.
>
>      * http://www.w3.org/2000/09/xmldsig#DSAKeyValue
>      * http://www.w3.org/2000/09/xmldsig#RSAKeyValue
>      * http://www.w3.org/2000/09/xmldsig#X509Data
>      * http://www.w3.org/2000/09/xmldsig#PGPData
>      * http://www.w3.org/2000/09/xmldsig#SPKIData
>      * http://www.w3.org/2000/09/xmldsig#MgmtData
>
> --Sean
>
>   
>> Pratik
>>
>> Sean Mullan wrote:
>>     
>>> Hirsch Frederick (Nokia-OCTO/Boston) wrote:
>>>       
>>>> All
>>>>
>>>> We have some items to complete before publishing the Best Practices 
>>>> as a first working draft.
>>>> If we can complete these items before 7 October, then we can agree at 
>>>> that meeting to the changes, incorporate them before the F2F and 
>>>> agree to publish during the F2F (unless we are able to agree to 
>>>> publish on 7 October).
>>>>
>>>> 1) Please review the current Best Practices draft so that we can 
>>>> approve as working draft for publication. Please post any comments to 
>>>> the list by next week.
>>>>
>>>> http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/
>>>>         
>>> A couple of comments on section 2.1.3
>>>
>>> I don't understand how an implementation would process this 
>>> RetrievalMethod recursively in an endless loop. I think a valid 
>>> implementation should dereference the any RetrievalMethod once, pass 
>>> the result through transforms and return the resulting XML Structure 
>>> (or KeyInfo if it is one of the types in [1]). I think that in order 
>>> for this attack to succeed, the reference processing model would need 
>>> to support reference chaining, but AFAICT it doesn't allow that.
>>>
>>> Also, there is a duplicate best practice #5 in this section. (Section 
>>> 2.1.2 contained best practice #5).
>>>
>>> --Sean
>>>
>>> [1] http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-KeyInfo
>>>
>>>       
>
>
>   


-- 
Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520
http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/
http://jce.iaik.tugraz.at

Certificate chain (including the EuroPKI root certificate):
https://europki.iaik.at/ca/europki-at/cert_download.htm

Received on Tuesday, 7 October 2008 15:41:01 UTC