OASIS Mailing List Archives


xri message

Subject: Re: [xri] SimpleSign Implementation


Hi.

No, it is not silly. It is a good question to ask.

My answer would be:

a) TLS is only security for the pipes. It does not protect the message per se.
   With a signed document, you can verify the authenticity and validity of a
   cached / detached document.
b) TLS requires a dedicated IP address. Sites like Google providing services to
   the companies in the companies' domain do not have enough IP addresses to
   serve TLS. This is another reason.
c) There are not enough XMLDSIG implementations yet, and it is complex to
   implement yourself. This is becoming a hindrance to the adoption.

a) and b) call for a message-based protection. This calls for something like
XML Dsig.
c) calls for something simpler than XML Dsig.

Therefore, we have SimpleSign.

Regards,

=nat

Joseph Anthony Pasquale Holsten wrote:
> I'm trying to wrap my head around the security implications of
> SimpleSign, and I'm wondering where exactly it is better than TLS or
> XMLDSIG.
>
> While SimpleSign is designed to be easy to implement, it still has
> fewer implementations than TLS, or even XMLDSIG. There is also less
> existing security analysis, test cases, &c.
>
> The certificate from SimpleSign is X509, so depends upon the support
> of a CA. A certificate will only be valid if the subject applies to
> the CanonicalID. Getting such a certificate will cost the same as a
> TLS certificate, if they are not identical.
>
> Why should I use a SimpleSign implementation instead of TLS or XMLDSIG?
>
> Some possible answers:
> * You shouldn't. (NO!!!)
> * Using TLS would require either that all resources must be encrypted and
> signed (significant overhead), or that the XRD must be available under
> TLS while other resources may not (significant complexity).
> * Using TLS means that an XRD cannot be provided under restrictive
> hosting environments, as it cannot be implemented by uploading a PHP
> script over FTP.
> * Using XMLDSIG requires either a custom implementation (error
> prone), or support for a known-good implementation (restricted
> environments).
> * SimpleSign is simple enough that an amateur can implement it
> without worry of error, is easy to host, and allows flexible security
> for other resources.
>
> http://josephholsten.com
>
> PS. I'm still trying to get up to speed with everything in XRI, so
> I'm sorry if I ask silly questions
