[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] Recently discover WSS security threat
> "The semantics of the XPath transform" is not one of the steps. > Therefore the answer is unresponsive to the question "which of these > steps". Okay. MU -- unask the question. I don't think the layer between signature-code and application code must be restricted to those two steps. > http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200506/m > sg00026.html. My answer to your questions would be Yes, that works, but I don't think it's necessary since it's very complex, not required, and seems to be based on a specific information model. > ] a signature comes in that includes an XSLT transform. Do you > ] then forward the result of running the XSLT instead of the data > ] that's actually in the message? > > Yes, that is my reading of the DSIG spec. It also seems to be the most > secure thing to do. My view is that this runs counter to "see what is being signed," section 8.1.3, http://www.w3.org/TR/xmldsig-core/#sec-See . Also, I'm not sure if including an XSLT implementation in the DSIG implementation is the most secure way to do things -- the more I can leave out, the more secure it is, I think. > I'm unconvinced policy alone can solve this problem. My neither. But it's where the herd is moving, so it stands the best chance of having the broadest set of solutions for the broadest set of implementations. /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]