Transforms useless in current spec from John Boyer on 2000-01-10 (w3c-ietf-xmldsig@w3.org from January to March 2000)

From: John Boyer <jboyer@uwi.com>
Date: Mon, 10 Jan 2000 10:13:01 -0800
To: "DSig Group" <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBLAOMJKOFPMBCHJOICEONCCAA.jboyer@uwi.com>

These comments are based on [1].

[1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000104/

The final paragraph of Section 7.1 states:

"Furthermore, core validation behaviour does not confirm that the signed
resource was obtained by applying transforms to the specified source
document. This behaviour is left to the application as core validation only
checks the digest values of the source document and the signature over
SignedInfo. If this fact is important, then additional information (such as
by including References to both the original and transformed documents) is
needed."

The processing rules for core validation in Section 6.2.2 are:

6.2.2 Reference Validation
For each object reference in SignedInfo, obtain digested content (this may
be obtained by locating object and applying Transforms to the specified
resource based on each Reference(s) in the SignedInfo element. Each
transform is applied in order from left to right to the object with the
output of each transform being the input to the next.).

Presumably, there is great emphasis on the word 'may'.  The word should be
MUST, and the paragraph in Section 7.1 should be removed.  Otherwise, you
should take the transforms out since they are useless.  6.2.2 should read:


6.2.2 Reference Validation
For each object reference in SignedInfo, obtain digested content (this MUST
be obtained by locating object and applying Transforms to the specified
resource based on each Reference(s) in the SignedInfo element. Each
transform is applied in order from left to right to the object with the
output of each transform being the input to the next.).

WHY?

A transform is a self-referential statement about the message that was
digested.  We count on cryptography to secure the statements in a message M,
and (aside from referring to M) a transform is a statement in the same sense
that "I agree to pay $1,000,000 on date D for service S" is a statement.  If
an application did not use the defined transforms to obtain M, I would
expect the signature to break.

Note that it is recommended but not required that transforms be supported.
If an application which does not support transforms encounters a signature
containing transforms, obviously it should generate an error and not report
the signature as valid.

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company

Received on Monday, 10 January 2000 13:16:32 UTC