RE: Who cares what MUST be signed?

I apologize if I am speaking on topics that have been well covered already,
but I am a recent addition to your mailing list.  I am new (last 2 months)
to XML, but have followed this group with much interest.

As far as I am aware, there is no requirement in the definition of a
"digital signature" that would require the object being signed to have a
"sender" and a "recipient".  It is true that many applications of digital
signature use this paradigm, but it is not a requirement.  As such, both the
signer and verifier (whether they be sender, recipient, or interested 3rd
party) have a vested interest in what is signed, how it is signed, and when
it is signed.

There are clearly numerous examples of each party's interest in the
signature process (as pointed out by members of this list).

Clearly it seems that there is an issue in XML as to the "meaning" of a
signature, given that the actual binary file representation does not make
sense to be signed.  However, I do not see anywhere in the XML-Signature
Requirements document that specifies that the basic "meaning" of digital
signatures in general need to be specified or modified from their current
definition to accommodate XML.  It seems that the XML signature
specification should only address what can and cannot be derived as meanings
from the signature scheme that is proposed, and allow users of the standard
to utilize that information as they see fit.


 -Matthew Appler
  Corsec Security, Inc.

-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Daniel LaLiberte
Sent: Monday, December 06, 1999 2:48 PM
To: Andreas Schmidt
Cc: XMLDSig WG mailing list
Subject: Re: Who cares what MUST be signed?


 > Daniel LaLiberte writes:
 > >To reiterate, it seems that it is ONLY the verifier that cares what is
 > >signed.  When does the signer really WANT to sign something except to
 > >satisfy the needs of verifiers.  What advantage does the signer have?
 > >A signature seems to only obligate the signer.

Four people (so far) have given good reasons for why the signer may WANT
to sign something for its own benefit, so I am reconsidering.  No one
else has disagreed with these reasons, so perhaps others also agree.

I think one result of this discussion, if we get there, is to add to the
XML-Signature Requirements document
(http://www.w3.org/TR/xmldsig-requirements) somewhere in the Design
Principles and Scope.  I don't have a proposal for what might be said,
but perhaps someone else on this list could make one.  There seems to be
a lack of any language about this issue, though I think it should be
addressed.  The closest thing is the section on "The meaning of a
signature".

Andreas Schmidt writes:
 > Regarding this general point, I have a quite different view. I see
 > signatures as part of messages addressed to a certain recipient. Thus
 > they are special assertions that the signer wants to transmit (that is,
 > I think of signed documents as speech acts). I think the view that
 > signatures' meaning and content are determined by the verifier stems from
 > the fact that, in most cases, there is a _final_ recipient (a court) who
 > takes the special role to prove or disprove the assertions made by the
 > signer - and often the signature will be practically designed after the
 > requirements of that verifier.

The requirements of the verifier (of which there may be many, with
different requirements) are what I had in mind in motivating the signer
to sign something.  But although I can see now that the signer might
also have some requirements, I'm not sure that the best way to support
this is by imposing requirements on the verifier by way of the
signature.

But these requirements are slightly different, I think, from saying that
the meaning of the signature and content are (or might be) determined by
the verifier.  In other words, the verifier might require that the
signer sign something with the semantics *as declared by the signer*
which are in agreement with what the verifier requires.

I think the general rule here is that the signer should be able to
declare any semantics it wants to, while the verifier can try to use any
semantics it can get away with, and may require certain things in order
to proceed.  If the signer wants to require something of the verifier,
perhaps it should get the verifier to sign something as well.

Just so it is clear, I am not suggesting that the XMLdsig group should
formalize specific semantics beyond the core semantics of verification.
But it does appear to be necessary to specify a standard way in which
those higher-level semantics MAY be declared, if required by an
application.

 >   Nevertheless, I do not see which restrictions the verifier-oriented
 > view would pose on any syntax with which one wants to express
 > general-purpose digital signatures. Could you state, for example, what
 > kind of assertions and syntax would be ruled out by your view (e.g.
 > unsigned locations) and why? In fact, I would oppose any requirement you
 > would draw from your viewpoint that restricts the signer's expressivity
 > beyond the syntactic restrictions posed by the current draft.

I wouldn't want to restrict the signer's expressivity.  So I think I am
agreeing with you on this.

--
Daniel LaLiberte
liberte@w3.org

Received on Monday, 6 December 1999 15:38:52 UTC
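Two points from the thread above can be made concrete in code: Matthew's remark that the raw binary representation of an XML file is not the right thing to sign, and Daniel's rule that the signer declares whatever it wants to cover while the verifier decides what it requires before proceeding. The following is an added example, written for this page; it is not code from the thread, from the XMLDSig working group or from the later XML-Signature specification, and it is a toy rather than a conforming implementation. Everything in it is assumed for illustration: the sample order document, the element paths, the shared key, and the use of an HMAC as a stand-in for the asymmetric signature that a real signature would place over SignedInfo. Digests are taken over the canonical form produced by the Python standard library's `xml.etree.ElementTree.canonicalize` (C14N 2.0, Python 3.8 or later), which is a later canonicalization than the one the working group was discussing in 1999; the point it demonstrates, that byte-different serializations of the same infoset digest identically, is the same.

```python
"""Added example (not from the thread or the XMLDSig specification).

Shows (1) why the bytes of an XML file are a poor thing to sign: the same
infoset serializes in byte-different ways (attribute order, <a/> versus
<a></a>, whitespace inside tags), so digests are taken over a canonical form;
and (2) the signer/verifier split: the signer declares which subtrees it
covers, the verifier checks those and then applies its own MUST-cover policy.

Hypothetical assumptions: an HMAC under a shared key stands in for the
asymmetric signature over SignedInfo; the manifest dict stands in for
SignedInfo plus SignatureValue; paths are ElementTree find() paths.
"""
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed sample document (not from the thread).
ORDER_XML = (
    '<Order id="o1">'
    '<Item sku="A1" qty="2"/>'
    '<Price currency="USD">10.00</Price>'
    '<Note>thanks</Note>'
    '</Order>'
)
# The same infoset re-serialized: attributes reordered, empty-tag form
# changed, extra whitespace inside start tags. Byte-for-byte different.
REORDERED_XML = (
    '<Order id="o1" >'
    '<Item qty="2" sku="A1"></Item>'
    '<Price  currency="USD">10.00</Price>'
    '<Note>thanks</Note>'
    '</Order>'
)
KEY = b"hypothetical-shared-key"  # stands in for the signer's private key


def raw_sha256(text):
    """Digest of the bytes as transmitted: changes whenever serialization does."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def canonical(elem):
    """C14N 2.0 of one element subtree. The element's tail text belongs to the
    parent, not to this subtree, so it is excluded from what gets digested."""
    tail, elem.tail = elem.tail, None
    try:
        return ET.canonicalize(ET.tostring(elem, encoding="unicode"))
    finally:
        elem.tail = tail


def canonical_equal(xml_a, xml_b):
    """True when two serializations canonicalize to the same text."""
    return canonical(ET.fromstring(xml_a)) == canonical(ET.fromstring(xml_b))


def digest(elem):
    return hashlib.sha256(canonical(elem).encode("utf-8")).hexdigest()


def _locate(root, path):
    return root if path == "." else root.find(path)


def _signed_info(refs):
    # One line per reference; this text is what the signature value covers.
    return "\n".join(f"{path} {dgst}" for path, dgst in refs)


def sign(xml_text, signed_paths):
    """Signer side: the signer alone decides which subtrees it covers."""
    root = ET.fromstring(xml_text)
    refs = []
    for path in signed_paths:
        elem = _locate(root, path)
        if elem is None:
            raise ValueError(f"nothing to sign at {path!r}")
        refs.append((path, digest(elem)))
    sig = hmac.new(KEY, _signed_info(refs).encode("utf-8"), hashlib.sha256).hexdigest()
    return {"refs": refs, "sig": sig}


def verify(xml_text, manifest, must_cover):
    """Verifier side, in three steps:
    1. the signature really covers the declared list of references;
    2. each referenced subtree still canonicalizes to its declared digest;
    3. the verifier's own policy: every path it needs is among the references.
    Returns (ok, reason)."""
    expected = hmac.new(KEY, _signed_info(manifest["refs"]).encode("utf-8"),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["sig"]):
        return False, "signature does not match the declared references"
    root = ET.fromstring(xml_text)
    for path, dgst in manifest["refs"]:
        elem = _locate(root, path)
        if elem is None or not hmac.compare_digest(digest(elem), dgst):
            return False, f"digest mismatch at {path!r}"
    signed = {path for path, _ in manifest["refs"]}
    missing = [path for path in must_cover if path not in signed]
    if missing:
        return False, f"signer did not cover {missing}"
    return True, "ok"


if __name__ == "__main__":
    manifest = sign(ORDER_XML, ["Item", "Price"])  # signer's choice: Note is not covered
    print(verify(ORDER_XML, manifest, ["Item", "Price"]))          # (True, 'ok')
    print(verify(REORDERED_XML, manifest, ["Item", "Price"]))      # (True, 'ok')
    print(raw_sha256(ORDER_XML) == raw_sha256(REORDERED_XML))      # False
    print(verify(ORDER_XML, manifest, ["Item", "Price", "Note"]))  # (False, "signer did not cover ['Note']")
    print(verify(ORDER_XML.replace("10.00", "1.00"), manifest, ["Price"]))  # (False, "digest mismatch at 'Price'")
```

The last two calls are the thread's argument in miniature. A verifier that also needs Note covered refuses to proceed even though the signature is valid, which is the verifier "requiring certain things in order to proceed"; a verifier that does not need Note accepts a document whose Note has been changed, because the signer never claimed to cover it. Neither outcome is a property of the signature itself; both come from the verifier's policy laid over what the signer chose to declare.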