My general impression is that something that requires two pieces of software to agree on an exact, bit for bit infoset representation of an XML document in order to get security to work is a poor idea.  I have seen no wide deployments/usage of DSig in Atom feeds -- despite it being part of the spec -- and many complaints about how it's not possible to get it to work reliably given the software stacks currently in use.  The difficulties with canonicalization-for-signing in OAuth implementations have also reinforced my belief that it's much better to err on the side of the robust and simple.

Signing a stream of uninterpreted bytes cuts out a whole slew of failure modes, and the ones that remain are debuggable -- the bytes match or they don't, and standard tools can tell you which.  It means it's possible to verify a signature with curl + a command line utility.  These are all very good things.

(As a side note, it would also make the content type orthogonal to the signature code -- this is a good thing.)

So, +1 for the simplest form of signing that could possibly work.

-John


Johannes Ernst wrote:
I proposed something I called XML-RSig for similar reasons a few years ago:
    http://netmesh.info/jernst/Technical/really-simple-xml-signatures.html

"RSig" for "Really simple Signature".

The trouble for OpenID and XRD and so forth is that it is not our core competency -- and shouldn't be -- to innovate around things that really aren't our business. Signing XML documents isn't our business.

On the other hand, the people whose business it should be somehow seem to be asleep at the wheel, as the problems are well-known and somehow aren't being addressed, and haven't for years.

It seems to me that the best way out of this conundrum is:
1. to foresee, architecturally, the use of several different ways of constructing signatures, as the matter clearly isn't settled
2. to make sure that high-end approaches (like XML-DSIG) work well, but low-end approaches (like XML-RSIG) work just as well
3. to maintain a best practices document that says "today, choice X is your best bet, and we say that because based on our market research, X has the highest market share in terms of implementors today."

As we all know, any problem in computer science can be solved by adding a level of indirection. This may well be one of those cases.





Johannes Ernst
NetMesh Inc.




 



 http://netmesh.info/jernst




_______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs



_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to