- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 18 Oct 2001 10:34:00 -0400
- To: "Výboch, Michal" <mvyboch@gratex.com>
- Cc: dsig <w3c-ietf-xmldsig@w3.org>
[Note, your message should've been sent to the dsig list, not the xenc list, so I'm rerouting my reply.]

On Thursday 18 October 2001 6:58, Výboch, Michal wrote:
> Why is the first step of core validation reference validation?
> I think that the first step should be signature validation and, if it
> succeeds, then the reference validation should be calculated.
> Because if reference validation is done first and somebody changed the
> reference URI, the reference validation will access this changed URI
> and it could bring some security weakness.

As recently discussed on the list [1], step 1 of Reference Validation is to canonicalize SignedInfo, which mitigates URI rewriting concerns. I believe the order of Core Validation (Reference Validation, then Signature Validation) was editorial, and written to be in the same order as for signature generation.

However, I believe implementations could do various optimizations. For instance, step 1 of Reference Validation requires the SignedInfo to be canonicalized for security purposes. However, that canonical form of SignedInfo can be retained for Signature Validation, in step 1, "Obtain the keying information from KeyInfo or from an external source," and for step 2, "confirm the SignatureValue over the SignedInfo element."

If an implementation didn't care to provide specific information to the user about why a signature failed, I don't see any problem with checking the signature first and throwing an error. (I expect signature validation is cheaper than reference validation.)

[1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html

--
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Thursday, 18 October 2001 10:34:08 UTC
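The exchange above turns on two points: the signature covers the canonical SignedInfo, so rewriting a Reference URI is caught by Signature Validation whichever order the two halves of Core Validation run in; and the canonical SignedInfo computed for Reference Validation can be kept for Signature Validation instead of being recomputed. The following toy is an added example, not code from the thread, the specification or any W3C implementation. It assumes HMAC-SHA256 as the SignatureMethod, SHA-256 digests, same-document `#Id` references only (with `Id` treated as an ID attribute by convention), and uses Python's standard-library Canonical XML 2.0 as a stand-in for the canonicalization algorithm named in SignedInfo; the envelope, key and payload text are constructed for the example.

```python
"""Toy XML-Signature Core Validation: Reference Validation and Signature
Validation over a canonicalized SignedInfo, in either order.

Added example. Assumptions (not from the thread): HMAC-SHA256 signature,
SHA-256 digests, same-document Id references only, and stdlib C14N 2.0 as
the canonicalization algorithm. Sample XML and key are constructed.
"""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("ds", DS)

# Constructed sample: two candidate payloads, only "order" is meant to be signed.
ENVELOPE = f"""<Envelope xmlns:ds="{DS}">
  <Order Id="order">Pay 10 EUR to Alice</Order>
  <Order Id="decoy">Pay 10000 EUR to Mallory</Order>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2010/xml-c14n2"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
      <ds:Reference URI="#order">
        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ds:DigestValue></ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue></ds:SignatureValue>
  </ds:Signature>
</Envelope>"""
KEY = b"constructed-shared-secret"  # hypothetical HMAC key shared by signer and verifier


def c14n(elem):
    """Canonical form (bytes) of one subtree, computed identically on both sides."""
    tail, elem.tail = elem.tail, None  # tostring() would otherwise append the tail text
    try:
        return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()
    finally:
        elem.tail = tail


def dereference(root, uri):
    """Resolve a same-document '#Id' reference; other URI forms are out of scope here."""
    if not uri.startswith("#"):
        raise ValueError(f"unsupported reference URI {uri!r}")
    for elem in root.iter():
        if elem.get("Id") == uri[1:]:
            return elem
    raise LookupError(uri)


def digest(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def sign(xml, key):
    """Signature generation: fill each DigestValue, then MAC the canonical SignedInfo."""
    root = ET.fromstring(xml)
    signed_info = root.find(f".//{{{DS}}}SignedInfo")
    for ref in signed_info.iter(f"{{{DS}}}Reference"):
        ref.find(f"{{{DS}}}DigestValue").text = digest(c14n(dereference(root, ref.get("URI"))))
    mac = hmac.new(key, c14n(signed_info), hashlib.sha256).digest()
    root.find(f".//{{{DS}}}SignatureValue").text = base64.b64encode(mac).decode()
    return ET.tostring(root, encoding="unicode")


def reference_validation(root, signed_info):
    """Each Reference's digest over the dereferenced, canonicalized content must match."""
    for ref in signed_info.iter(f"{{{DS}}}Reference"):
        expected = ref.find(f"{{{DS}}}DigestValue").text or ""
        actual = digest(c14n(dereference(root, ref.get("URI"))))
        if not hmac.compare_digest(actual, expected):
            return False
    return True


def signature_validation(canonical_signed_info, signature_value, key):
    """SignatureValue must verify over the canonical SignedInfo (covers every URI)."""
    mac = hmac.new(key, canonical_signed_info, hashlib.sha256).digest()
    return hmac.compare_digest(mac, base64.b64decode(signature_value or ""))


def core_validate(xml, key, signature_first=False):
    """Returns (reference_ok, signature_ok). SignedInfo is canonicalized once and the
    result retained for both halves. With signature_first=True the reference digests
    are never computed when the signature already fails (reference_ok is None then)."""
    root = ET.fromstring(xml)
    signed_info = root.find(f".//{{{DS}}}SignedInfo")
    canonical = c14n(signed_info)
    sig_value = root.find(f".//{{{DS}}}SignatureValue").text
    if signature_first:
        if not signature_validation(canonical, sig_value, key):
            return None, False
        return reference_validation(root, signed_info), True
    ref_ok = reference_validation(root, signed_info)
    return ref_ok, signature_validation(canonical, sig_value, key)


def rewrite_reference(signed_xml, new_uri):
    """Attacker step from the question: point the Reference at other content and
    recompute DigestValue so Reference Validation on its own still passes."""
    root = ET.fromstring(signed_xml)
    ref = root.find(f".//{{{DS}}}Reference")
    ref.set("URI", new_uri)
    ref.find(f"{{{DS}}}DigestValue").text = digest(c14n(dereference(root, new_uri)))
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    genuine = sign(ENVELOPE, KEY)
    forged = rewrite_reference(genuine, "#decoy")
    print("genuine, reference first :", core_validate(genuine, KEY))
    print("URI rewritten, reference first :", core_validate(forged, KEY))
    print("URI rewritten, signature first :", core_validate(forged, KEY, signature_first=True))
```

The forged envelope passes Reference Validation in isolation, because the attacker recomputed the digest for the content the rewritten URI now points at, and fails Signature Validation, because the URI and DigestValue live inside the SignedInfo that the MAC covers. Running the signature check first simply means the verifier never dereferences the rewritten URI; the outcome is the same either way, which is the point made in the reply.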