Comments requested on proposed changes to Widget Signature specification

Below Marcos outlines changes he made to Widget Signature Spec, revised draft at http://dev.w3.org/2006/waf/widgets-digsig/

Please indicate any comment on the list. 

regards, Frederick

Frederick Hirsch
Nokia



Begin forwarded message:

> From: ext Marcos Caceres <marcosscaceres@gmail.com>
> Date: May 2, 2011 11:25:53 AM EDT
> To: <Frederick.Hirsch@nokia.com>
> Cc: <Art.Barstow@nokia.com>, <public-webapps@w3.org>
> Subject: Re: [widgets] Dig Sig spec
> 
> 
> On Friday, April 29, 2011 at 8:19 PM, Frederick.Hirsch@nokia.com wrote: 
>> Marcos 
>> 
>> I'd suggest you first send an email with the top 10 substantive changes to the list, e.g. which algorithms change from mandatory to optional or optional to mandatory etc, which processing rules you are relaxing, etc
>> 
>> this would take less time for you and be much clearer to all.
> 
> I could only come up with 5... as I previously mentioned, the spec just contained a ton of redundancies (4 pages worth), but the conformance requirements are all pretty much the same. 
> 
> The draft is up at: 
> http://dev.w3.org/2006/waf/widgets-digsig/
> 
> As I previously stated, the purpose of this fix up was to make concessions for WAC 1.0 runtimes, which use the default canonicalization algorithm of XML Dig Sig 1.1. Additional changes are based on working with various vendors who implemented the WAC 1 or are working on the WAC 2 specs (including the implementation that was done at Opera). 
> 
> 1. Validator and signers are now true [XMLDSIG11] implementations. No exceptions. This means that the test suite can be greatly reduced because everything is palmed off to [XMLDSIG11]. There is now a clear separation between a signer and validator, meaning that the "implementation" product is no longer needed. 
> 
> 2. Validators and signers now rely on [Signature Properties] for generation and validation of signature properties (as it should have been from the start). This removes a bunch of redundant text in the spec. The validation process is now written as an algorithm, as is the signing process. It makes it easy now to generate or validate a signature by simply following the steps. In the old spec, one had to jump all over the spec to check all sorts of things (e..g, Common Constraints for Signature Generation and Validation and the Requirements on Widget Signatures, both which are now folded into the appropriate algorithms). The spec now also links to the right places in [XMLDSIG11] and [Signature Properties]. 
> 
> 3. The specification now only RECOMMENDs algorithms, key lengths, and certificate formats. Validators are no longer forced fail on certain certificate formats or algorithm. The only exception is the minimum key lengths, which are still enforced during verification (impossible to test during signing, without verifying, so the requirement is kinda useless). 
> 
> 4. The specification strengthens the recommended key lengths to be a little bit stronger (buy a few more years). 
> 
> 5. The spec now only contains 3 conformance criteria. 
> 
> [
> To digitally sign the contents of a widget package with an author signature, a signer MUST run the algorithm to generate a digital signature.
> 
> To digitally sign the contents of a widget package with a distributor signature, a signer MUST run the algorithm to generate a digital signature.
> 
> To validate the siganture files of a widget package, a validator MUST run the algorithm to validate digital signatures.
> ] 
> 
> I think everyone will now find this new specification much easier to read, implement, and conform to without having in real impact on existing implementations. 
> 
> Kind regards,
> Marcos 
> 
> 

Received on Friday, 20 May 2011 19:57:43 UTC