[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [emergency-msg] cap:image and cap:audio
> The spec as it stands carries audio files and images as references to > the actual files. While this reduces the size of the alert message, it > has a disadvantage. If the message is digitally signed, the protection > this provides is not extended to the image/audio files. So a hacker > could replace the picture of a missing child with one of Mickey Mouse > for example, and the security and validation mechanisms would not detect > the alteration. Digitally signing the document includes the references so that should be sufficient. A hacker would have to compromise the server holding the multimedia files in order to be effective. A very possible scenario, but taking into account that security aware agencies will be issuing CAP alerts (hopefully!), we can assume that this scenario is highly unlikely. If CAP issuers are pointing to multimedia files on another party's server, we should recommend a local copy be made and that the CAP alert point to that file instead. I am being very optimistic because the truth is that hackers are a problem. But CAP should not have to take into account all security problems because it could get very bloated. Nonetheless, this topic is an important one and I would like to hear what others have to say. > I suggest we may want to actually embed the files in the xml document > (as Base64 encoded strings perhaps), so that the message integrity can > be verified. Base64 encoding increases size by 33% plus you have to remember the encoding/decoding process. I would prefer some kind of attachments scheme similar to email attachments or SOAP with attachments where the XML document refers to files that are coming up right behind it using MIME/DIME. Until next time, Nasseam Elkarra nelkarra@opensec.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]