- From: <Mary_Ellen_Zurko@iris.com>
- Date: Tue, 4 Sep 2001 08:28:44 -0400
- To: reagle@w3.org
- Cc: www-xkms-ws@w3.org
- Message-ID: <OFEF710B3F.7251917E-ON85256ABD.004432A1@iris.com>
Hi Joseph (et al),

Replay, not reply :-). The question is, can any harm be done by re-sending a message multiple times (a message that was sent from someone else in the first place). Textbook examples of this are things like a message from me saying "Deposit $1000 into Joseph Reagle's account" to my bank. Real life examples tend to be more subtle.

I did notice there was no discussion of just what damage replay could do in this context, and it wasn't clear to me on a quick read what it would be. If people have been using this protocol for a while, maybe they have thought about it. Otherwise, I imagine the WG will think about it a bit. Either way, the results should be written down.

Mez

Joseph Reagle <reagle@w3.org>
08/31/01 02:46 PM
Please respond to reagle

To: Mary_Ellen_Zurko@iris.com
cc: www-xkms-ws@w3.org
Subject: Re: Proposed Final Charter and Activity Proposal

On Wednesday 29 August 2001 15:58, Mary_Ellen_Zurko@iris.com wrote:
> "XKMS implementations must be able to interoperate in a useful and secure
> fashion for all tiers of services".

I've added "These features, and their specification, must be able to interoperate in a secure fashion." to requirement 3.

> As a specific example, I'm concerned that there seems to be
> no way to guard against replay detection when interoperating between
> different implementations.

A reply in what sense? My understanding is that XKMS defines the grammar and syntax for exchanging keys and their metadata. I assume the integrity and authenticity of that information (like a key query) would be covered by XMLDSIG and SAML?

Received on Tuesday, 4 September 2001 08:30:48 UTC