RE: DSAKeyValue text from Saroop Mathur on 2001-06-07 (w3c-ietf-xmldsig@w3.org from April to June 2001)

From: Saroop Mathur <saroop@saroop.com>
Date: Thu, 7 Jun 2001 09:28:14 -0700 (PDT)
To: "Dournaee, Blake" <bdournaee@rsasecurity.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <20010607162814.40553.qmail@web10403.mail.yahoo.com>

Blake,

If the sender is already authenticated, then you don't need the
certificate for authentication. However, that is not sufficient to
gurantee integrity of the document. What is to prevent somebody from
changing the document, generating a new signature with his own private
key and replacing the public key in the document?

If your implementation supports using public keys without certificates,
then you have an insecure product.

-Saroop
--- "Dournaee, Blake" <bdournaee@rsasecurity.com> wrote:
> Saroop,
> 
> I think I can answer at least part of your question. 
> 
> Certain applications might already have authenticated the sender of
> the
> signature through some other means that is not explicitly part of the
> <Signature> element.
> 
> In this case the public key can be used to verify the integrity of
> the data.
> It would be inefficient to only allow certificates to be sent - they
> are
> much larger and contain additional information that is redundant if
> the
> sender has already been properly authenticated.
> 
> Can anyone out there add to this?
> 
> Blake Dournaee
> Toolkit Applications Engineer
> RSA Security
>  
> "The only thing I know is that I know nothing" - Socrates
>  
>  
> 
> 
> -----Original Message-----
> From: Saroop Mathur [mailto:saroop@xpressent.com]
> Sent: Thursday, June 07, 2001 6:49 AM
> To: w3c-ietf-xmldsig@w3.org
> Subject: Re: DSAKeyValue text
> 
> 
> This is somewhat offtopic and may already have been discussed
> previous.
> If so, I apologize.
> 
> What is the value of sending RSA/DSA public keys outside of
> certificates? Without certificates, the public keys cannot be
> trusted.
> Unless I am missing something, I would suggest that the XMLDSIG
> should
> discourage implementations from sending public keys without
> certificates. Currently, section 4.4.2 section specifies that support
> for DSAKeyValue element is REQUIRED. Doesn't this lead to
> implementations that are insecure?
> 
> -Saroop
> 
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail - only $35 
> a year!  http://personal.mail.yahoo.com/
> 


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!  http://personal.mail.yahoo.com/

Received on Thursday, 7 June 2001 12:28:21 UTC