- From: Meiko Jensen <Meiko.Jensen@ruhr-uni-bochum.de>
- Date: 19 Apr 2010 13:25:23 +0200
- To: "XMLSec WG Public List" <public-xmlsec@w3.org>
Hi all,

regarding the support for streaming mode verification of XML Signatures I'd like to throw in the following idea: Is it useful to define optional XML processing instructions that provide the parsing engine with all information necessary to process the referenced parts of a document?

Strawman example:

    <A>
      <?xml-signature c14n="..." digestMethod="..." ?>
      <SignedFragment>
        Some signed contents
      </SignedFragment>
    </A>

This way, the parsing engine is not required to first inspect the <ds:Signature> subtree for determining the selection paths (e.g. if that information occurs late in the document, as e.g. in SAML Assertions). Hence, this might allow one-pass signature verification instead of two-pass/DOM in many scenarios. It's easier to collect all data, then draw the links, instead of starting with the <Reference> and following a backward link.

Obviously, the information given in the PI must be validated for equality to that given in the <ds:Signature> part later on, to prevent version-rollback attacks. However, I don't see a reason to have the PI covered by any signature itself.

What do you think?

best regards

Meiko

--
Dipl.-Inf. Meiko Jensen
Chair for Network and Data Security
Horst Görtz Institute for IT-Security
Ruhr University Bochum, Germany
_____________________________
Universitätsstr. 150, Geb. IC 4/150
D-44780 Bochum, Germany
Phone: +49 (0) 234 / 32-26796
Telefax: +49 (0) 234 / 32-14347
http://www.nds.rub.de
Received on Monday, 19 April 2010 11:25:53 UTC
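The following is an added example, not code from the post or from the XMLSec WG, that shows the one-pass flow the post sketches: an <?xml-signature?> processing instruction announces, ahead of the fragment, which canonicalization and digest algorithm will apply, the verifier digests the fragment as it streams past, and when the ds:Signature arrives each ds:Reference is required to agree with the PI (the equality check the post proposes against rollback) and with the computed digest. Assumptions beyond the post: the fragment carries an Id attribute that the Reference URI points at; the algorithm identifiers are the C14N 2.0 URI (the only canonicalization in the Python standard library) and the XML-DSig/XML-Enc SHA-1/SHA-256 URIs, used here as opaque strings to compare; SignatureValue is a placeholder, since the example covers only the Reference/digest half of core validation. The sample document and the signer side are constructed. Python 3.8 or later.

```python
"""One-pass XML Signature reference check driven by an <?xml-signature?>
processing instruction.  Constructed illustration of the idea in the post,
not W3C XMLSec WG code.  Python >= 3.8 standard library only."""
import base64
import hashlib
import hmac
import io
import re
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# Assumption: C14N 2.0 (ET.canonicalize) is the only canonicalization in the
# stdlib, so it stands in for the c14n algorithm the PI names.  Identifiers
# are compared as opaque strings; the logic is the same for Exclusive C14N.
C14N2 = "http://www.w3.org/2010/10/xml-c14n2"
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
DIGESTS = {SHA1: hashlib.sha1, SHA256: hashlib.sha256}


class VerificationError(Exception):
    pass


def parse_pi_data(data):
    """Pseudo-attributes of the strawman PI: c14n="..." digestMethod="..."."""
    return dict(re.findall(r'([A-Za-z0-9]+)="([^"]*)"', data))


def digest_fragment(elem, c14n, digest_method):
    """Canonicalize one element and return its base64-encoded digest."""
    if c14n != C14N2 or digest_method not in DIGESTS:
        raise VerificationError(f"unsupported algorithm: {c14n} / {digest_method}")
    elem.tail = None  # ET.tostring would otherwise append the text after the element
    canon = ET.canonicalize(ET.tostring(elem, encoding="unicode"))
    return base64.b64encode(DIGESTS[digest_method](canon.encode()).digest()).decode()


def verify_one_pass(doc_bytes):
    """Stream the document once.  The PI announces how the element following
    it will be digested, so the digest is taken as the element streams by;
    when ds:Signature arrives, each ds:Reference must agree with the PI (the
    rollback guard from the post) and with the digest.  Returns {URI: True}."""
    pending = None     # PI data waiting for the element it announces
    in_flight = {}     # id(elem) -> PI data, until that element's end event
    announced = {}     # fragment Id -> (c14n, digestMethod, base64 digest)
    checked = {}
    for event, elem in ET.iterparse(io.BytesIO(doc_bytes), events=("start", "end", "pi")):
        if event == "pi":
            target, _, data = elem.text.partition(" ")
            if target == "xml-signature":
                pending = parse_pi_data(data)
        elif event == "start" and pending is not None:
            in_flight[id(elem)] = pending   # the PI binds to the next element
            pending = None
        elif event == "end":
            pi = in_flight.pop(id(elem), None)
            if pi is not None:
                frag_id = elem.get("Id")  # assumption: fragments carry an Id
                if frag_id is None:
                    raise VerificationError("announced fragment has no Id")
                digest = digest_fragment(elem, pi.get("c14n"), pi.get("digestMethod"))
                announced[frag_id] = (pi["c14n"], pi["digestMethod"], digest)
                elem.clear()  # fragment content is no longer needed: stay streaming
            elif elem.tag == f"{{{DS}}}Signature":
                for ref in elem.iter(f"{{{DS}}}Reference"):
                    uri = ref.get("URI", "")
                    if uri[:1] != "#" or uri[1:] not in announced:
                        raise VerificationError(f"{uri}: no PI announcement seen before the fragment")
                    pi_c14n, pi_dm, digest = announced[uri[1:]]
                    transforms = [t.get("Algorithm") for t in ref.iter(f"{{{DS}}}Transform")]
                    dm_el = ref.find(f"{{{DS}}}DigestMethod")
                    dm = dm_el.get("Algorithm") if dm_el is not None else None
                    if transforms != [pi_c14n] or dm != pi_dm:
                        raise VerificationError(f"{uri}: PI disagrees with ds:Reference")
                    claimed = ref.findtext(f"{{{DS}}}DigestValue", "").strip()
                    if not hmac.compare_digest(digest, claimed):
                        raise VerificationError(f"{uri}: digest mismatch")
                    checked[uri] = True
    return checked


def build_signed_document(payload, c14n=C14N2, digest_method=SHA256):
    """Constructed signer side.  SignatureValue is a placeholder: the signature
    over SignedInfo is checked separately in a real implementation."""
    frag = ET.Element("SignedFragment", Id="frag1")
    frag.text = payload
    digest = digest_fragment(frag, c14n, digest_method)
    return f"""<A>
  <?xml-signature c14n="{c14n}" digestMethod="{digest_method}"?>
  {ET.tostring(frag, encoding="unicode")}
  <ds:Signature xmlns:ds="{DS}">
    <ds:SignedInfo>
      <ds:Reference URI="#frag1">
        <ds:Transforms><ds:Transform Algorithm="{c14n}"/></ds:Transforms>
        <ds:DigestMethod Algorithm="{digest_method}"/>
        <ds:DigestValue>{digest}</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
  </ds:Signature>
</A>""".encode()


def outcome(doc_bytes):
    """'ok' or the verification error text (handy for callers and tests)."""
    try:
        verify_one_pass(doc_bytes)
        return "ok"
    except VerificationError as exc:
        return str(exc)


if __name__ == "__main__":
    good = build_signed_document("Some signed contents")
    print(outcome(good))
    print(outcome(good.replace(b"Some signed", b"Some altered")))
    print(outcome(good.replace(f'digestMethod="{SHA256}"'.encode(), f'digestMethod="{SHA1}"'.encode(), 1)))
```

The three calls at the bottom exercise the intact document, a tampered fragment (digest mismatch) and the rollback case the post worries about: the PI alone is rewritten to name SHA-1, the fragment is digested with SHA-1 as announced, and the verifier rejects the document as soon as the ds:Reference, which still says SHA-256, disagrees with the PI. A document whose Reference has no preceding PI is also rejected here rather than silently falling back; a production verifier would switch to the two-pass/DOM path at that point. Agreement of PI, Reference and digest is necessary but not sufficient: the signature over SignedInfo still has to be verified against a trusted key before any of this means anything.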