Guys, that was a public review issue and was closed in February.
Does anyone feel strongly enough about this to open a new errata issue to
change the text?
From: Jan Alexander
[mailto:janalex@microsoft.com]
Sent: Monday, June 11, 2007 11:26 PM
To: Duane Nickull; Aditya Athalye
Cc: ws-sx@lists.oasis-open.org
Subject: RE: [ws-sx] Re: Issue PR014: Signature protection semantics
clarification
I’m okay with the proposal below to clarify the WS-SP spec
wording around the [Signature Protection] property.
From: Duane Nickull [mailto:dnickull@adobe.com]
Sent: Thursday, June 07, 2007 9:22 AM
To: Aditya Athalye; Jan Alexander
Cc: ws-sx@lists.oasis-open.org
Subject: Re: [ws-sx] Re: Issue PR014: Signature protection semantics
clarification
+1
Specific is good.
Duane Nickull
On 6/7/07 8:22 AM, "Aditya Athalye" <aditya.athalye@oracle.com>
wrote:
Hi Jan,
That was a good point to include this in [Signature Protection] property "The primary
signature element is not required to be encrypted if the value is ‘true’ when
there is nothing else in the message that is encrypted".
However, I have a question here: Instead of saying "nothing else in the
message", shouldn't we be more specific and say:
"The primary signature element is not required to be encrypted if the
value is ‘true’ when there is nothing in the
message that is covered by this signature encrypted".
Let us take the following case:
<soap:Envelope>
<soap:Body>
<abc Id="abc">...</abc>
<xyz Id="xyz">...</xyz>
</soap:Body>
</soap:Envelope>
If you encrypt <abc>, and sign <xyz>, you create a signature
<ds:Signature>
<ds:Reference URI="#xyz"/>
</ds:Signature>
Now going by the original statement in the spec, it would be ok to encrypt this
signature whereas the element it covers is still left in the clear. In this case
also IMO, there is no significant gain in the security.
If however, abc is signed using this primary signature, then encrypted, and
then if this signature was confidentiality protected, it would be more
meaningful.
So IMO, the primary signature element should be protected (when the property is
true of course) when it covers at least something which is encrypted, and not
anything in the message which is encrypted which I infer from the original
clause.
Please share your thoughts.
Thanks
Aditya
--
************************************************************
Sr. Technical Evangelist - Adobe Systems, Inc.
*
Chair - OASIS SOA Reference Model Technical Committee
*
Blog: http://technoracle.blogspot.com
*
My Music: http://www.mix2r.com/audio/by/artist/22ndcentury
*
My Band: http://www.myspace.com/22ndcentury
*
************************************************************