Re: [xri] SimpleSign Implementation

[Ben Laurie <benl@google.com>]

On Wed, Dec 24, 2008 at 3:16 AM, Nat Sakimura <n-sakimura@nri.co.jp> wrote:
>
>
> Ben Laurie wrote:
>>
>> On Mon, Dec 22, 2008 at 1:29 AM, Nat Sakimura <n-sakimura@nri.co.jp>
>> wrote:
>>
>>>
>>> Hi.
>>>
>>> No, it si not silly. It is a good question to ask.
>>>
>>> My answer would be:
>>>
>>> a) TLS is only a security for the pipes. It does not protect the message
>>> per
>>> se.
>>>  With a signed document, you can verify the authenticity and validity of
>>> a
>>> cache / detached document.
>>> b) TLS requires a dedicated IP address. Sites like Google providing
>>> services
>>> to
>>>  the companies in the companies' domain do not have enough IP address to
>>> server TLS.
>>>  This is another reason.
>>>
>>
>> This is not actually true anymore - you can use the SNI extension to
>> share an IP address. Because legacy browsers don't support it, it
>> isn't so great for websites, but for a specialist application like
>> retrieving XRD it would work just fine.
>>
>
> Are they implemented widely in common scripting language libraries?

Yes.

> Are they implemented widely in the current http servers?

Yes.

>>
>>
>>>
>>> c) There are not enough XMLDSIG implementations yet, and it is complex to
>>> implement yourself.
>>>  This is becoming a hinderance to the adoption.
>>>
>>> a) and b) calls for a message based protection. This calls for something
>>> like XML Dsig.
>>> c) Calls for something simpler than XML Dsig.
>>>
>>
>> Or more implementations.
>>
>
> Yes. And we are not seeing these yet, unfortunately.
> (BTW, that's another initiative I am willing to run when I get more
> bandwidth.)
>>
>>
>>>
>>> Therefore, we have SimpleSign.
>>>
>>> Regards,
>>>
>>> =nat
>>>
>>> Joseph Anthony Pasquale Holsten wrote:
>>>
>>>>
>>>> I'm trying to wrap my head around the security implications of
>>>> SimpleSign, and I'm wondering where exactly it is better than TLS or
>>>> XMLDSIG.
>>>>
>>>> While SimpleSign is designed to be easy to implement, it still has
>>>> less implementations than TLS, or even XMLDSIG. There is also less
>>>> existing security analysis, test cases, &c.
>>>>
>>>> The certificate from SimpleSign is X509, so depends upon the support
>>>> of a CA. A certificate will only be valid if the subject applies to
>>>> the CannonicalID. Getting such a certificate will cost the same as a
>>>> TLS certificate, if they are not the identical.
>>>>
>>>> Why should I use a SimpleSign implementation instead of TLS or XMLDSIG?
>>>>
>>>> Some possible answers:
>>>> * You shouldn't. (NO!!!)
>>>> * Using TLS would require either all resources must be encrypted and
>>>> sign (significant overhead), or that the XRD must be available under
>>>> TLS while other resources may not (significant complexity).
>>>>  * Using TLS means that an XRD cannot be provided under restrictive
>>>> hosting environments, as it cannot be implemented by uploading a PHP
>>>> script over FTP.
>>>> * Using XMLDSIG requires either a custom implementation (error
>>>> prone), or support for a known-good implementation (restricted
>>>> environments).
>>>> * SimpleSign is simple enough that an amateur can implement it
>>>> without worry of error, is easy to host, and allows flexible security
>>>> for other resources.
>>>>
>>>> http://josephholsten.com
>>>>
>>>> PS. I'm still trying to get up to speed with everything in XRI, so
>>>> I'm sorry if I ask silly questions
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe from this mail list, you must leave the OASIS TC that
>>>> generates this mail.  Follow this link to all your TCs in OASIS at:
>>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>>>>
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this mail list, you must leave the OASIS TC that
>>> generates this mail.  Follow this link to all your TCs in OASIS at:
>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>>>
>>>
>