OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [ebxml-msg] security problem with ebXML MS

On Wed, 7 Nov 2001, David Fischer wrote:

    I would like to suggest a variation on Suresh's idea.

    What if we add a second Reference in the ds:Signature for 'each'
    payload so that there would be two references to the same cid, for
    each payload.  I looked in the dSig spec and there doesn't seem to
    be any prohibition on this.
    The first reference would be to the payload as it has always been
    with whatever canonicalization or transforms are required.  The
    second reference would be to the MIME headers.  Suresh's
    canonicalization of the MIME headers would still be required but we
    wouldn't have to copy the MIME headers into the Manifest (minimal
    change to the spec).  We would still have to define that
    Canonicalization Algorithm that Suresh described.

To make this more explicit I think the "second" reference -- the one
that refers to the headers -- should include something that includes it
refers to the headers not the payload.  There is an optional ID and Type
attribute defined.

Can we give one of those a value that would explicitly indicate to which
"data" it was referring?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC