OASIS Mailing List Archives

ebxml-msg message



Subject: XML content attacks


We have seen in the past some analysis reporting of potential XML content attacks on ebMS2 (like on any other schema-defined protocol that contains extensibility points).

This is about preventing tampering that focuses on the parsing phase, before even the signature check kicks in: a tampered but schema-valid header could still do harm in terms of parsing resources even if not passing security.

My current assessment on this:

 

(a) at this time we do not have any extensibility point in the schema - I believe. We do have an extensibility structure like MessageProperties, but it is well constrained schema-wise.

(b) We do have unbounded sequences, though we could limit them arbitrarily (inconvenient)

 

Of course, the payload is another vulnerability point. Some advanced data validation checks (ADV) can be used.

In order to support such techniques, some metadata could be added, e.g. in a CPA extension (most obvious example would be a max size on payload parts). Not affecting the header so far, that could remain out of our immediate concern.

Regarding a direct impact on the schema, we still need to take a stance on (a) and (b) above.

 

Jacques
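
Added example, not part of the original message or of any ebMS implementation: a streaming pre-check that bounds parsing cost before a tree is built or a signature is verified, by capping header size, nesting depth and the length of schema-unbounded sequences. The limit values, the `Property` child element and the sample namespace are assumptions made for illustration.

```python
import xml.parsers.expat

# Hypothetical limits; in practice they could come from agreed metadata (e.g. a CPA extension).
MAX_HEADER_BYTES = 64 * 1024
MAX_DEPTH = 16
MAX_CHILDREN = {"MessageProperties": 32}  # per-parent cap on an unbounded sequence
DEFAULT_MAX_CHILDREN = 256

class HeaderRejected(Exception):
    """Raised when the header exceeds a resource bound or is not well-formed."""

def precheck_header(data: bytes) -> int:
    """Stream over the header without building a tree; return the element count."""
    if len(data) > MAX_HEADER_BYTES:
        raise HeaderRejected("header exceeds size limit")
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    stack = []   # one [local_name, child_count] entry per open element
    seen = [0]   # total elements encountered

    def start(name, attrs):
        seen[0] += 1
        if len(stack) >= MAX_DEPTH:
            raise HeaderRejected("nesting too deep")
        if stack:
            parent = stack[-1]
            parent[1] += 1
            if parent[1] > MAX_CHILDREN.get(parent[0], DEFAULT_MAX_CHILDREN):
                raise HeaderRejected("too many children under " + parent[0])
        stack.append([name.rsplit(" ", 1)[-1], 0])  # strip the namespace URI

    def reject_doctype(*_):
        raise HeaderRejected("DOCTYPE not allowed")  # no DTD, so no entity expansion

    parser.StartElementHandler = start
    parser.EndElementHandler = lambda name: stack.pop()
    parser.StartDoctypeDeclHandler = reject_doctype
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        raise HeaderRejected("not well-formed: %s" % exc) from exc
    return seen[0]

def accepts(data: bytes) -> bool:
    try:
        precheck_header(data)
        return True
    except HeaderRejected:
        return False

def sample_header(n: int) -> bytes:  # constructed input, not a real ebMS header
    props = "".join('<eb:Property name="p%d">v</eb:Property>' % i for i in range(n))
    return ('<eb:Messaging xmlns:eb="urn:example:constructed"><eb:MessageProperties>'
            + props + '</eb:MessageProperties></eb:Messaging>').encode()
```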


