Hi Uri,
On 6/7/16 7:32 PM, Blumenthal, Uri - 0553 - MITLL wrote: > > * We now include a signature mechanism for the MUD files. It > was always the plan to do this. There were two choices: > CMS/PKCS#7 or JWS. Again for tooling's sake, so that people > don't need to roll their own, especially for anything security > related, we've gone with CMS and a detached signature at > that. Thanks to John Bashinsky and others for their advice on > this. This area in particular could stand close scrutiny. > > Wouldn’t CMS still require serialization/canonicalization? Yes/No, depending on what you mean. Currently we're treating the MUD file as binary precisely to avoid canonicalization. The transport for all of this is HTTPS and UTF-8. > > Tooling-wise, OpenSSL is indeed prevalent (and seems to do CMS quite > well) – but JWS tools are around, so you wouldn’t need to roll your > own if you decided to go that way. I'm not saying there are no tools around, but I personally found slim pickings in the form of various libraries. If people think we should go in a different direction... The key here though is not whether I would want to roll my own but whether others would be able to do the same. This is a pretty large uplift for some, and one goal is to make that as painless as possible. > > Do I need the ability to tell whether a MUD file was not signed or its > signature was deleted? The spec requires that all files be signed and that the signatures be verified prior to processing. And thanks for again for the comments. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
