
Johannes Ernst, Master Simplifier: Really Simple XML Signatures

Johannes proposes a simplified approach to XML Signatures.

Actually, that’s how I thought it would work before I read that ‘XML Security’ book ;)

So, can anybody elaborate on why we can’t do that? I mean, apart from all the crap standards bodies: why not just do it, following the RSS example? The Atom guys can then spend the next few years telling us why we need a better namespace design.


  1. Consider it this way, how many transformations can you make on a DER encoded X.509 certificate without changing its meaning in any way? Answer to rhetorical question, zero. That’s why we have all the hoopla with PEM to get the certificate through non-8 bit safe environments intact, and that’s why if I sign a certificate, it really is sign once, verify everywhere.

    Now, ask the same question of XML. How many transformations can I make on an XML document without changing its meaning in the slightest? Thousands and thousands! Why, think of all the things I can do to the whitespace. That’s explicitly ignored in XML anyway, but if I sign it in the way specified, I’m freezing a particular set of whitespace characters as the “correct” ones.

    That’s why the IETF’s secure XML group exists. Before I heard of this discussion, I’d always thought it would be as simple as applying XHash to the document and signing the hash. Unfortunately, this proves to be not the case (not least because XHash was essentially designed for hash tables, and has next to no cryptographic analysis behind it). I can only think the author of the article you linked to either didn’t read, or didn’t understand the discussion.

  3. Chris: The author of that article would be me. I can assure you that I completely understand why XML DSig has all the complexity it has. But you misunderstand my argument, it is not about that.

    My argument is that if requirements 1 through 1000 (or whatever number) require us to construct technology X, which thus necessarily becomes so complex that only 1% of people can adopt it (for whatever reasons), then it is time to drop, say, requirements 100-1000, meet only a tenth of the previous list of requirements, and build technology that, say, 60% of people can adopt. Albeit for a smaller set of use cases.

    That is what I’m suggesting. Just like RSS: it became so successful precisely because it did not address most of the requirements and thus could be very simple. And after it had become successful, for a small set of all possible use cases, people said “what about addressing a few more requirements”, and we got Atom. I’m sure there will be further upgrades to syndication formats and protocols… We would have neither RSS nor Atom if we had started with the equivalent of XML-DSig for syndication. (actually, historically, I think we did start with the equivalent except that nobody has ever heard of those technologies because they did not find mass adoption)

    Which doesn’t mean I’m arguing against XML-DSig either, by the way. Only that I believe that the way to broad adoption of signed XML may be by "breaking" most of the nice features of a complex technology first. Counter-intuitive for techies, I know …
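The canonicalization problem Chris raises in the first comment (whitespace, attribute order, quote style and empty-element syntax all change the bytes without changing the XML's meaning), as an added Python example that is not part of the original post or comments. It assumes Python 3.8+ for `xml.etree.ElementTree.canonicalize` (a C14N 2.0 implementation), uses two constructed sample documents, and substitutes an HMAC over a constructed key for the public-key signature a real XML-DSig would use.

```python
"""Signing raw XML bytes is fragile; signing the canonical form is not.

Constructed example (not from the discussion). Requires Python 3.8+ for
xml.etree.ElementTree.canonicalize, which implements Canonical XML 2.0.
"""
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed documents: same XML content, different bytes on the wire.
DOC_A = '<msg id="1" from="alice"><body>hi</body><sig/></msg>'
DOC_B = "<msg from='alice' id='1' >\n  <body>hi</body>\n  <sig></sig>\n</msg>"
# Constructed document whose content (the body text) actually differs.
DOC_TAMPERED = '<msg id="1" from="alice"><body>bye</body><sig/></msg>'

# Constructed demo key; HMAC stands in for the RSA/ECDSA key pair of XML-DSig.
KEY = b"demo-shared-secret"


def raw_digest(doc: str) -> str:
    """SHA-256 over the bytes as transmitted: any cosmetic edit changes it."""
    return hashlib.sha256(doc.encode("utf-8")).hexdigest()


def canonical_form(doc: str) -> str:
    """C14N 2.0 serialisation: attributes sorted, double quotes, explicit end
    tags, and (with strip_text=True) inter-element whitespace removed."""
    return ET.canonicalize(doc, strip_text=True)


def c14n_digest(doc: str) -> str:
    """SHA-256 over the canonical form: stable across cosmetic edits."""
    return hashlib.sha256(canonical_form(doc).encode("utf-8")).hexdigest()


def sign(doc: str) -> str:
    """Sign the digest of the canonical form, not of the raw bytes."""
    return hmac.new(KEY, c14n_digest(doc).encode("utf-8"), "sha256").hexdigest()


def verify(doc: str, signature: str) -> bool:
    """Re-canonicalize whatever bytes arrived, then compare in constant time."""
    return hmac.compare_digest(sign(doc), signature)


if __name__ == "__main__":
    sig = sign(DOC_A)
    print("raw digests equal:   ", raw_digest(DOC_A) == raw_digest(DOC_B))
    print("c14n digests equal:  ", c14n_digest(DOC_A) == c14n_digest(DOC_B))
    print("canonical form:      ", canonical_form(DOC_B))
    print("reformatted verifies:", verify(DOC_B, sig))
    print("tampered verifies:   ", verify(DOC_TAMPERED, sig))
```

The same canonical form is what XML-DSig's `Transforms`/`CanonicalizationMethod` steps produce before digesting; this is the part a "just hash and sign" scheme cannot skip.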

Webmentions

  • Johannes Ernst's Blog February 27, 2006

    post by Frank Koehntopp, responding to my really simple XML signatures proposal, Chris Davies writes: …How many transformations can I make on an XML document without changing its meaning in the slightest? Thousands and thousands! …
