[17377] in cryptography@c2.net mail archive


Re: Digital signatures have a big problem with meaning

daemon@ATHENA.MIT.EDU (Ben Laurie)
Tue Jun 7 18:48:30 2005

X-Original-To: cryptography@metzdowd.com
Date: Tue, 07 Jun 2005 13:37:08 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, dan@geer.org,
	rsalz@datapower.com, cryptography@metzdowd.com
In-Reply-To: <42A06046.6090407@garlic.com>

Anne & Lynn Wheeler wrote:
> Peter Gutmann wrote:
> 
>> That cuts both ways though.  Since so many systems *do* screw with data (in
>> insignificant ways, e.g. stripping trailing blanks), anyone who does massage
>> data in such a way that any trivial change will be detected is going to be
>> inundated with false positives.  Just ask any OpenPGP implementor about
>> handling text canonicalisation.
> 
> 
> this was one of the big issues in the asn.1 encoding vis-a-vis xml 
> encoding wars.
> 
> asn.1 encoding provided deterministic encoding for signed material, 

You mean it _would_ have done if anyone could implement it correctly. 
Sadly, experience shows that no-one can.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
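
Added example, not part of the original message: the false-positive problem from the quoted text, shown by hashing a message before and after a relay strips trailing blanks and rewrites line endings. The canonical form is a simplified rule in the style of OpenPGP cleartext signatures (strip trailing spaces and tabs, CRLF line endings), a SHA-256 digest stands in for the signed hash, and the sample messages are constructed.

```python
import hashlib

def canonicalise(text: bytes) -> bytes:
    """Simplified canonical text form (assumption: modelled on OpenPGP
    cleartext signatures, not a complete implementation): normalise line
    endings to CRLF and strip trailing spaces/tabs from every line."""
    lines = text.replace(b"\r\n", b"\n").replace(b"\r", b"\n").split(b"\n")
    return b"\r\n".join(line.rstrip(b" \t") for line in lines)

def digest_raw(text: bytes) -> str:
    # Digest over the exact bytes: any change at all alters the result.
    return hashlib.sha256(text).hexdigest()

def digest_canonical(text: bytes) -> str:
    # Digest over the canonical form: only "significant" changes alter it.
    return hashlib.sha256(canonicalise(text)).hexdigest()

# Constructed sample messages.
SIGNED = b"Pay Alice 100 pounds  \nRef: 42\n"         # as the signer saw it
IN_TRANSIT = b"Pay Alice 100 pounds\r\nRef: 42\r\n"   # blanks stripped, LF -> CRLF
TAMPERED = b"Pay Alice 900 pounds\r\nRef: 42\r\n"     # content actually changed
PADDED = b"Pay Alice 100 pounds\t \nRef: 42   \n"     # whitespace-only change

def report() -> dict:
    signed_raw = digest_raw(SIGNED)
    signed_canon = digest_canonical(SIGNED)
    return {
        # Raw-byte check fails although nothing meaningful changed.
        "raw_false_positive": signed_raw != digest_raw(IN_TRANSIT),
        # Canonical check survives the relay's massaging.
        "canonical_match": signed_canon == digest_canonical(IN_TRANSIT),
        # A real content change is still caught.
        "tamper_detected": signed_canon != digest_canonical(TAMPERED),
        # Cost of canonicalising: trailing whitespace is no longer covered.
        "whitespace_unprotected": signed_canon == digest_canonical(PADDED),
    }

if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name}: {value}")
```

Signer and verifier must apply byte-for-byte the same canonicalisation rule; any disagreement between two implementations of it shows up as a verification failure on unmodified data.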
