Cullen,
The definition of StoredData in the opening of Section 6 and its Signature
in Section 6.1 are confusing:
    struct {
      uint32           length;
      uint64           storage_time;
      uint32           lifetime;
      StoredDataValue  value;
      Signature        signature;
    } StoredData;
The contents of this structure are as follows:
    length
      The length of the rest of the structure in octets.
    ...
    value
      The data value itself, as described in Section 6.2.
    signature
      A signature over the data value. Section 6.1 describes the
      signature computation. The element is formatted as described in
      Section 5.3.4.
6.1. Data Signature Computation
Each StoredData .... The input to the signature algorithm is:
resource_id + kind + StoredData + SignerIdentity
Where these values are:
...
    StoredData
      The contents of the stored data value, as described in the
      previous sections, with the lifetime set to 0.
1) "length" seems to suggest it equals (sizeof(StoredData) -
sizeof(length)), which means the size of StoredDataValue and Signature
must be obtained before signing. No big deal, but the text should be more
explicit and precise. Suggestion:
    length
      The size of the StoredData structure in octets, excluding the size
      of length itself.
2) The big problem is the signature input. In Section 6 the term "data
value" appears in both the definition of "value" and "signature", which
seems to suggest that the 3rd input block for the signature refers only to
the "value" field. In Section 6.1, the instruction to set "lifetime" to
0 before signing suggests the signature includes the rest of the fields
PLUS the signature itself (the 3rd input block is "+ StoredData +").
If I am not mistaken, the correct definition for the signature input
should be:
    resource_id + kind + storage_time + lifetime + value + SignerIdentity
The fact that "length" includes the size of the signature makes it somewhat
awkward to have in the input. Excluding it does not degrade the security
of the signature. If it were up to me, instead of setting "lifetime" to 0
before signing, why not exclude it altogether?
3) "SignerIdentity" in this section should refer to its definition in
Section 5.3.4 to prevent people from reading it as simply a 20-byte SHA-1
hash value.
    SignerIdentity
      The signer identity as defined in Section 5.3.4, which MUST include
      a hash of the signer's certificate.
Thanks
--Michael
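Added example (not from the draft and not from Michael's message): a small Python sketch that serializes the quoted StoredData layout (uint32 length, uint64 storage_time, uint32 lifetime, value, signature) and builds the signature input in the order listed above, plus a variant that leaves lifetime out. It assumes kind is a uint32, value carries a uint16 length prefix, resource_id and SignerIdentity are opaque byte strings, and HMAC-SHA256 stands in for the real signature algorithm (the draft's Signature element is not reproduced).

```python
import hashlib
import hmac
import struct

# Added example, not draft text. Fixed-width fields follow the quoted StoredData
# struct; kind as uint32, uint16 length prefix on value, and HMAC-SHA256 as the
# signature algorithm are assumptions made for this sketch.

SIG_LEN = hashlib.sha256().digest_size  # 32 bytes for the stand-in signature


def signature_input_with_lifetime(resource_id, kind, storage_time, lifetime,
                                  value, signer_identity):
    """Input in the order proposed in the message:
    resource_id + kind + storage_time + lifetime + value + SignerIdentity."""
    return (resource_id
            + struct.pack(">I", kind)
            + struct.pack(">Q", storage_time)
            + struct.pack(">I", lifetime)
            + value
            + signer_identity)


def signature_input_without_lifetime(resource_id, kind, storage_time,
                                     value, signer_identity):
    """Variant that omits lifetime entirely. Zeroing lifetime before signing
    gives the same coverage: the signed bytes no longer depend on lifetime."""
    return (resource_id
            + struct.pack(">I", kind)
            + struct.pack(">Q", storage_time)
            + value
            + signer_identity)


def sign(key, sig_input):
    return hmac.new(key, sig_input, hashlib.sha256).digest()


def encode_stored_data(storage_time, lifetime, value, signature):
    """Wire form of StoredData. length is filled in last, so it need not be
    known before signing when neither length nor signature is signed."""
    body = (struct.pack(">Q", storage_time)
            + struct.pack(">I", lifetime)
            + struct.pack(">H", len(value)) + value
            + signature)
    return struct.pack(">I", len(body)) + body  # length excludes itself


def decode_stored_data(buf):
    """Parse (storage_time, lifetime, value, signature), checking that length
    covers exactly the rest of the structure."""
    (length,) = struct.unpack(">I", buf[:4])
    body = buf[4:]
    if len(body) != length:
        raise ValueError("length field does not match the rest of the structure")
    storage_time, lifetime, value_len = struct.unpack(">QIH", body[:14])
    value = body[14:14 + value_len]
    signature = body[14 + value_len:]
    if len(value) != value_len or len(signature) != SIG_LEN:
        raise ValueError("truncated value or signature")
    return storage_time, lifetime, value, signature


def verify_stored_data(key, buf, resource_id, kind, signer_identity):
    """Recompute the input from the parsed fields; constant-time compare."""
    storage_time, lifetime, value, signature = decode_stored_data(buf)
    expected = sign(key, signature_input_with_lifetime(
        resource_id, kind, storage_time, lifetime, value, signer_identity))
    return hmac.compare_digest(expected, signature)


def demo():
    # Constructed sample values for the demonstration
    key = b"constructed-shared-key"
    resource_id = hashlib.sha1(b"constructed resource name").digest()
    kind = 1
    storage_time, lifetime, value = 1_300_000_000_000, 3600, b"constructed value"
    signer_identity = hashlib.sha1(b"constructed signer certificate").digest()

    sig = sign(key, signature_input_with_lifetime(
        resource_id, kind, storage_time, lifetime, value, signer_identity))
    wire = encode_stored_data(storage_time, lifetime, value, sig)
    ok = verify_stored_data(key, wire, resource_id, kind, signer_identity)

    # Rewrite lifetime in place (bytes 12..16, after length and storage_time)
    tampered = wire[:12] + struct.pack(">I", 86400) + wire[16:]
    tampered_ok = verify_stored_data(key, tampered, resource_id, kind, signer_identity)
    return ok, tampered_ok  # (True, False)


if __name__ == "__main__":
    print(demo())
```

With this layout the length field can be written after the signature is produced, which removes the ordering problem raised in point 1. The two input builders make the coverage difference visible: the with-lifetime input changes when lifetime changes, while the without-lifetime input (and, equivalently, an input with lifetime zeroed) is identical for every lifetime value, so a later change to that field is not detected by the signature.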
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip