Re: [dss] RE: <DocumentURI>

["jmessing" <jmessing@law-on-line.com>]

Against <DocumentURI>, for the reasons stated by Rich.

---------- Original Message ----------------------------------
From: Trevor Perrin <trevp@trevp.net>
Date:  Fri, 24 Oct 2003 00:58:20 -0700

>At 11:59 AM 10/23/2003 -0400, Rich Salz wrote:
>>Trevor wrote:
>>>There's a security concern, if the client asks the server to sign 
>>>something the server has access to, but the client doesn't.
>>
>>It is a HUGE security issue.  Suppose, for example, the DSS is running on 
>>a Unix box and I send it a request for an enveloping signature of 
>>"file:///home/root/passwords" or some such?
>>
>>Suppose I say "here's the URL I want you to sign", but the URL is one of 
>>those phony "click here to get off our mailing list" spam things?
>
>I hadn't thought of those.  Hmm.  I guess I lean towards taking this 
>out.  It's usefulness is as an optimization, but
>  - you can only achieve that optimization when the doc happens to be on 
>the web somewhere.  Which doesn't seem common,
>  - it only shifts the burden of retrieving the document from client to server,
>  - you can achieve the same optimization with client-side hashing,
>  - and it's risky.
>
>So I think Rich and myself vote against this, Gregor for it.  I'm not sure 
>if anyone else has come down solidly one way or the other?
>
>Trevor 
>
>
>To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php.
>
>