[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] RE: <DocumentURI>
Against <DocumentURI>, for the reasons stated by Rich. ---------- Original Message ---------------------------------- From: Trevor Perrin <trevp@trevp.net> Date: Fri, 24 Oct 2003 00:58:20 -0700 >At 11:59 AM 10/23/2003 -0400, Rich Salz wrote: >>Trevor wrote: >>>There's a security concern, if the client asks the server to sign >>>something the server has access to, but the client doesn't. >> >>It is a HUGE security issue. Suppose, for example, the DSS is running on >>a Unix box and I send it a request for an enveloping signature of >>"file:///home/root/passwords" or some such? >> >>Suppose I say "here's the URL I want you to sign", but the URL is one of >>those phony "click here to get off our mailing list" spam things? > >I hadn't thought of those. Hmm. I guess I lean towards taking this >out. It's usefulness is as an optimization, but > - you can only achieve that optimization when the doc happens to be on >the web somewhere. Which doesn't seem common, > - it only shifts the burden of retrieving the document from client to server, > - you can achieve the same optimization with client-side hashing, > - and it's risky. > >So I think Rich and myself vote against this, Gregor for it. I'm not sure >if anyone else has come down solidly one way or the other? > >Trevor > > >To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php. > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]