- From: Aleksey Sanin <aleksey@aleksey.com>
- Date: Thu, 11 Apr 2002 10:08:07 -0700
- To: Blair Dillaway <blaird@microsoft.com>
- CC: xml-encryption@w3.org
Blair, Small tweak in my example (one <EncryptedData/> element and two <EncryptedKey /> elements pointing to each other) breaks the check you've described. I agree with you that there is no way to prevent a DoS attack. However, it is possible to make the "bad guys" life harder :) I don't suggest to change the XML Encryption design but I do think that a warning about possible problem is a good idea. Aleksey Blair Dillaway wrote: >In your example, the RetrievalMethod indicates you are to retrieve an >EncryptedKey. Shouldn't your code immediately error when it finds the >target of the URI is an EncryptedData? > >In any event, we had a fairly long discussion on DoS issues when this >activity started and realized there is no way to prevent them and also >meet our goal of creating a general purpose and flexible system. Its >fairly easy to construct examples that will cause a recipient to very >deeply recurse (possibly infinite) looking for a decryption key. I >suppose one could support an application defined recursion limit to try >and bound this problem, but addressing DoS attacks was not a goal of the >WG. > >Blair >
Received on Thursday, 11 April 2002 13:09:18 UTC