[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Interop 2 Issue: Signed Token
Oh, ouch. (Slapping forehead with hand) My bad. I pointed out this very threat back in June in the context of key identifiers. So I will fix the scenario to sign the signing token. Hal > -----Original Message----- > From: Hallam-Baker, Phillip [mailto:pbaker@verisign.com] > Sent: Monday, August 25, 2003 8:42 PM > To: 'Hal Lockhart'; wss@lists.oasis-open.org > Subject: RE: [wss] Interop 2 Issue: Signed Token > > > > > So it must have been my mistake. I went back to my original > > notes on the > > scenarios and sure enough, is says "sign the signing token." > > But come to > > think of it, this doesn't make a lot of sense either. By its nature, a > > signature binds the key to the signature. And the rest of the > > token contents > > are bound to the key by the issuer's signature. > > This is dealt with at length in the X.509 profile. > > The token must be signed because a user might have more than one > token bound > to the same key. This would allow a signer to substitute one token for > another, thus changing the context of the signature since the two tokens > might have very different attributes. >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]