Verification Response Proposal: Toolkits ought to return bytes of verified data to the application from edsimon@xmlsec.com on 2002-01-09 (w3c-ietf-xmldsig@w3.org from January to March 2002)

From: <edsimon@xmlsec.com>
Date: Tue, 8 Jan 2002 20:59:37 -0500
To: w3c-ietf-xmldsig@w3.org
Cc: manoj@infomosaic.com
Message-ID: <3C2A4F5100003B9F@mail.san.yahoo.com>

Hi,

I've been reviewing a number of XML Signature Toolkits and it seems to me
that most do not implement a means, upon verification, of providing the
signed bytes back to the application. To me, such functionality is often
critical particularly for detached data (eg. data external to the document
containing the XML Signature).

As an example, take an XML Signature that includes a <Reference> URI pointing
to "http://www.xmlsec.com". The application calls the Toolkit API xsig.verify()
which then indicates no changes occurred to "http://www.xmlsec.com" since
the XML Signature was created. However, the verify() method doesn't return
the data acquired when dereferencing the URI and so the XML Signature is
really almost useless to an application that needs to use that data. Sure
the application could dereference the URI itself but how does it know it
is getting the same data that was verified.

Accordingly, I would like XML Signature Toolkit APIs to include

a) a basic verify() method that simply indicates whether the XML Signature
is valid or not (I think all Toolkits already do at least this)

b) a verify() method that returns, upon positive verification, the bytes
that were acquired by dereferencing the <Reference> element's URI during
the digest verification processing

c) b) a verify() method that returns, upon positive verification, the bytes
that were acquire by dereferencing the <Reference> element's URI and applying
the prescribed transforms (see the XML Signature "See what is signed" section
for details) during the digest verification processing

I emphasize "during the verification processing" because it must be the
bytes. Note that I'm NOT trying to define an API, I'm just using pseudo-functions
to express the functionality that I think is required. I'm glad to note
that Infomosaic's proposed verification response structure seems to touch
on the functionality of b) or c). Manoj, or someone else from Infomosaic,
would you please comment.

Most apps I've come across would greatly benefit from the functionality
of b). The c) functionality will be critical for some apps but those using
transforms simply as filters will find the b) functionality is exactly what
is required.

If you are a Toolkit designer and want to contact me directly about this,
feel free to do so.

I'd like to hear others opinions on this whether you are designing Toolkits
or not.

Let me know what you think,
Ed

-----------------------------------------------------------------------------------------------
Ed Simon
<edsimon@xmlsec.com>
XMLsec Inc.

Interested in XML Security Training and Consulting services? Visit "www.xmlsec.com".

Received on Tuesday, 8 January 2002 20:59:55 UTC