W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

RE: Minutes from Today's Call Please Review/Correct

From: Phillip M Hallam-Baker <pbaker@verisign.com>
Date: Fri, 20 Aug 1999 15:49:51 -0400
To: "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Message-ID: <005201beeb45$2ac3d320$6e07a8c0@pbaker-pc.verisign.com>
> I agree. (Though the agreement over c14n being optional is over actual
> content referrenced in a package or manifest, not over the 
> processing of the
> package or manifest itself, right? David and Richard's proposals seem to
> require c14n of those objects. David, Richard?)

If so that should be corrected. The requirement has no justification.
It is contrary to the principle agreed.

The only argument advanced in favour of C14N has been that some folks 
want transmission over channels which introduce noise. On the minus
side there is the cost of implementation, the possibility of introducing
errors in the C14N code, the likelihood that C14n will introduce
ambiguities which might provide an attacker with an opportunity
and that does not even take account of the complexities of the
interaction between the C14N preprocessor and those handling all the
packaging, fragmenting etc. that people are proposing.

There has never been a requirement that a particular signed object
have a unique signature under a particular private key. If so the
DSA would fail since signing a document twice is guaranteed to give
different results in all but 1 time out of 2^128 attempts.

Received on Friday, 20 August 1999 15:48:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:09:55 UTC