It is my belief you should perform the full path verification. If you don't then you have no confidence in any of the signed attributes associated with the signature, such as the URL for the plasma server, and thus go someplace you don't want to and start the plasma protocol.
Jim

From: [email protected] [mailto:[email protected]] On Behalf Of Alan Borland
Sent: Wednesday, March 13, 2013 6:21 AM
To: '[email protected]'
Subject: [plasma] Verifying the signature of the LockBox.

[Boldon James classification: UNMARKED EXTERNAL]

When we open a message we have to determine if the message is a traditional S/MIME message or a Plasma message. This is done by inspecting the CMS envelopedData layer looking for a Plasma LockBox. If the lockbox is found we verify the SignedData signature, but this got me thinking. Should we verify just the integrity of the signature itself, or should we also perform a full certificate path validation as well? This would mean every user needs to trust a certificate from the Plasma Server (additional overhead - is this an issue?), but then if the Plasma Server is somehow compromised this would be a way of returning the error to the client. I couldn't decide either way; at the moment we're doing a full certificate path validation.

Alan.

Alan Borland
Boldon James Limited, a QinetiQ company
Mobile: +44 (0)7810 556709
Direct: +44 (0)1270 507841
Switch: +44 (0)1270 507800
Email: [email protected]
Email (R): [email protected]
Web: www.boldonjames.com
_______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
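The difference the two messages above are discussing, shown as an added example that is not part of the thread and not Plasma code: an integrity-only check accepts any well-formed signature, including one from a self-signed certificate that no trust anchor vouches for, whereas adding path validation to a configured root rejects it. The code uses only the Go standard library; the certificates, keys, names (plasma.example.test, "Example Plasma Trust Root"), URLs and the byte encoding of the "signed attributes" (a single server URL string rather than the real CMS SignedAttributes) are all constructed for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// LockBoxAttrs stands in for the signed attributes of a LockBox (constructed;
// only the plasma server URL, and not the real CMS encoding).
type LockBoxAttrs struct{ ServerURL string }

func (a LockBoxAttrs) Bytes() []byte { return []byte("plasma-server-url=" + a.ServerURL) }

// Scenario: a trusted root, a server cert it issued, and a self-signed cert with
// the same name that no trust anchor vouches for (all constructed test data).
type Scenario struct {
	Roots                   *x509.CertPool
	ServerCert, RogueCert   *x509.Certificate
	ServerAttrs, RogueAttrs LockBoxAttrs
	ServerSig, RogueSig     []byte
}

// VerifyIntegrityOnly checks that sig is a valid ECDSA/SHA-256 signature over
// attrs under the key in cert; it says nothing about who issued cert.
func VerifyIntegrityOnly(cert *x509.Certificate, attrs LockBoxAttrs, sig []byte) error {
	return cert.CheckSignature(x509.ECDSAWithSHA256, attrs.Bytes(), sig)
}

// VerifyWithPath adds chain building from cert to one of roots (validity period,
// basic constraints, key usage), so attrs are trusted only if the signer is.
func VerifyWithPath(cert *x509.Certificate, attrs LockBoxAttrs, sig []byte, roots *x509.CertPool) error {
	if err := VerifyIntegrityOnly(cert, attrs, sig); err != nil {
		return err
	}
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}})
	return err
}

// issue signs tmpl with signer's key; parent == nil means self-signed.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert
}

// signAttrs produces the signer's signature over the encoded attributes.
func signAttrs(priv *ecdsa.PrivateKey, attrs LockBoxAttrs) []byte {
	digest := sha256.Sum256(attrs.Bytes())
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		panic(err)
	}
	return sig
}

// BuildScenario generates the constructed keys, certificates and signatures.
func BuildScenario() *Scenario {
	now := time.Now()
	tmpl := func(serial int64, cn string) *x509.Certificate {
		return &x509.Certificate{
			SerialNumber: big.NewInt(serial),
			Subject:      pkix.Name{CommonName: cn},
			NotBefore:    now.Add(-time.Hour),
			NotAfter:     now.Add(24 * time.Hour),
			KeyUsage:     x509.KeyUsageDigitalSignature,
			ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
		}
	}
	rootKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	serverKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	rogueKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	rootTmpl := tmpl(1, "Example Plasma Trust Root")
	rootTmpl.IsCA, rootTmpl.BasicConstraintsValid, rootTmpl.KeyUsage = true, true, x509.KeyUsageCertSign
	root := issue(rootTmpl, nil, &rootKey.PublicKey, rootKey)
	s := &Scenario{
		Roots:       x509.NewCertPool(),
		ServerCert:  issue(tmpl(2, "plasma.example.test"), root, &serverKey.PublicKey, rootKey),
		RogueCert:   issue(tmpl(3, "plasma.example.test"), nil, &rogueKey.PublicKey, rogueKey),
		ServerAttrs: LockBoxAttrs{"https://plasma.example.test/lockbox"},
		RogueAttrs:  LockBoxAttrs{"https://plasma.example.invalid/lockbox"},
	}
	s.Roots.AddCert(root)
	s.ServerSig = signAttrs(serverKey, s.ServerAttrs)
	s.RogueSig = signAttrs(rogueKey, s.RogueAttrs)
	return s
}

func main() {
	s := BuildScenario()
	fmt.Println("rogue, integrity only:", VerifyIntegrityOnly(s.RogueCert, s.RogueAttrs, s.RogueSig))
	fmt.Println("rogue, with path:     ", VerifyWithPath(s.RogueCert, s.RogueAttrs, s.RogueSig, s.Roots))
}
```

Running it prints `<nil>` for the integrity-only check of the self-signed certificate and an unknown-authority error for the path check: the signature is mathematically fine, but nothing ties the server URL it covers to a party the client trusts. The KeyUsages option is set explicitly because Go's Verify defaults to the TLS server-authentication usage, which an S/MIME-style signing certificate would not carry.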
