- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 24 Aug 1999 17:00:27 -0400
- To: "Phillip M Hallam-Baker" <pbaker@verisign.com>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
At 13:31 99/08/24 -0400, Phillip M Hallam-Baker wrote: >I am opposed to introducing the possibility of a downgrade or >algorithm substitution attack. Good point, it might be worthwhile to have a security requirements section and include this principle. Regardless, does this requirement necessarily conflict with a mandatory to implement but optional to use c14n? .... Again, if a signer is not confident the receiver is willing to use/trust a feature, he is much less likely to use it. However, this evaluation will be made on the basis of the trust of the feature's specification/implementation, not whether the feature will be implemented at all. Pursuing the former leads to use of the feature at a level commensurate with its quality (including abandonment if there's a hole); pursuing the latter converges to non-use given the network effects of interoperability. The former satisfies those who need c14n and are willing to risk it as well as those who refuse to use it. The latter only serves those who refuse to use it. _________________________________________________________ Joseph Reagle Jr. Policy Analyst mailto:reagle@w3.org XML-Signature Co-Chair http://w3.org/People/Reagle/
Received on Tuesday, 24 August 1999 17:00:35 UTC