KeyInfo questions/comments

1) Why require support for unprotected, unvalidated keys?  It seems a little strange to make KeyInfo OPTIONAL to accommodate applications that, for whatever reason, do not wish to disclose KeyInfo then to mandate that applications wishing to use some form of KeyInfo provide support for what may be the weakest option.  Perhaps no KeyInfo option should be required.  

2) DSA support is required.  Where the KeyValue element is used to identify a DSA key the presence of parameters is required (see section 6.4.1).  The DSA parameter problem present in X.509 described by Santosh Chokhani (see http://www.cygnacom.com/downloads/dsaflaw.zip) is also a problem here.  Parameters found in KeyValue cannot be trusted, should not be used and thus need not be included.  The requirement that parameters must be included should be replaced with a requirement that parameters must be absent and be obtained from a trusted source.

3) Section 4.4 states that "applications may define and use any (KeyInfo) mechanism they choose through inclusion of elements from a different namespace."  This doesn't appear to be possible given the current DTD and schema definitions.


Carl Wallace
CygnaCom Solutions

Received on Monday, 13 March 2000 11:18:58 UTC