My general impression is that something that requires two pieces of
software to agree on an exact, bit-for-bit infoset representation of an
XML document in order to get security to work is a poor idea. I have
seen no wide deployments/usage of DSig in Atom feeds -- despite it
being part of the spec -- and many complaints about how it's not
possible to get it to work reliably given the software stacks currently
in use. The difficulties with canonicalization-for-signing in OAuth
implementations have also reinforced my belief that it's much better to
err on the side of the robust and simple.
Signing a stream of uninterpreted bytes cuts out a whole slew of
failure modes, and the ones that remain are debuggable -- the bytes
match or they don't, and standard tools can tell you which. It means
it's possible to verify a signature with curl + a command line
utility. These are all very good things.
(As a side note, it would also make the content type orthogonal to the
signature code -- this is a good thing.)
So, +1 for the simplest form of signing that could possibly work.
-John
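What John describes above, as an added example that is not part of the thread: a detached Ed25519 signature over the raw bytes of a constructed Atom-style entry, in Go. The sample documents, the key generation and the helper names are assumptions. It also shows the trade-off: two serializations that any XML parser treats as the same infoset do not share a signature, so the robustness comes from signing exactly the bytes that go on the wire.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/xml"
)

// Constructed sample: two serializations of the same Atom-style entry. An XML
// parser gives the same infoset for both; only the bytes (whitespace, quotes) differ.
const DocA = `<entry><title type="text">hi</title></entry>`
const DocB = "<entry>\n  <title type='text'>hi</title>\n</entry>\n"

// entry is the part of the infoset we compare (assumed shape for the sample).
type entry struct {
	Title struct {
		Type string `xml:"type,attr"`
		Text string `xml:",chardata"`
	} `xml:"title"`
}

// SameInfoset reports whether both byte strings parse to the same entry.
func SameInfoset(a, b []byte) bool {
	var ea, eb entry
	if xml.Unmarshal(a, &ea) != nil || xml.Unmarshal(b, &eb) != nil {
		return false
	}
	return ea == eb
}

// SignBytes makes a detached signature over exactly the bytes given. There is
// no canonicalization step: what is signed is what is on the wire.
func SignBytes(priv ed25519.PrivateKey, doc []byte) []byte {
	return ed25519.Sign(priv, doc)
}

// VerifyBytes reports whether sig was made over doc, byte for byte.
func VerifyBytes(pub ed25519.PublicKey, doc, sig []byte) bool {
	return ed25519.Verify(pub, doc, sig)
}

// Demo signs DocA and verifies against DocA and DocB; expected (true, false).
func Demo() (bool, bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, err
	}
	sig := SignBytes(priv, []byte(DocA))
	return VerifyBytes(pub, []byte(DocA), sig), VerifyBytes(pub, []byte(DocB), sig), nil
}
```

The verifier needs nothing but the public key, the exact bytes and the signature, which is why the check can be done with a fetch tool plus a command-line signature utility.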
Johannes Ernst wrote:
I proposed something I called XML-RSig for similar reasons
a few years ago:
http://netmesh.info/jernst/Technical/really-simple-xml-signatures.html
"RSig" for "Really simple Signature".
The trouble for OpenID and XRD and so forth is that it is not our core
competency -- and shouldn't be -- to innovate around things that really
aren't our business. Signing XML documents isn't our business.
On the other hand, the people whose business it should be somehow seem
to be asleep at the wheel, as the problems are well-known and somehow
aren't being addressed, and haven't for years.
It seems to me that the best way out of this conundrum is:
1. to foresee, architecturally, the use of several different ways of
constructing signatures, as the matter clearly isn't settled
2. to make sure that high-end approaches (like XML-DSIG) work well, but
low-end approaches (like XML-RSIG) work just as well
3. to maintain a best practices document that says "today, choice X is
your best bet, and we say that because based on our market research, X
has the highest market share in terms of implementors today."
As we all know, any problem in computer science can be solved by adding
a level of indirection. This may well be one of those cases.
Johannes Ernst
NetMesh Inc.
http://netmesh.info/jernst
_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs