[17400] in cryptography@c2.net mail archive
Re: Digital signatures have a big problem with meaning
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Jun 8 12:19:38 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: ben@algroup.co.uk, lynn@garlic.com
Cc: cryptography@metzdowd.com, dan@geer.org,
pgut001@cs.auckland.ac.nz, rsalz@datapower.com
In-Reply-To: <42A594F4.6010005@algroup.co.uk>
Date: Thu, 09 Jun 2005 03:42:46 +1200
Ben Laurie <ben@algroup.co.uk> writes:
>Anne & Lynn Wheeler wrote:
>> Peter Gutmann wrote:
>>> That cuts both ways though. Since so many systems *do* screw with
>>> data (in
>>> insignificant ways, e.g. stripping trailing blanks), anyone who does
>>> massage
>>> data in such a way that any trivial change will be detected is going
>>> to be
>>> inundated with false positives. Just ask any OpenPGP implementor about
>>> handling text canonicalisation.
>>
>> this was one of the big issues in the asn.1 encoding vis-a-vis xml
>> encoding wars.
>>
>> asn.1 encoding provided deterministic encoding for signed material,
>
>You mean it _would_ have done if anyone could implement it correctly. Sadly,
>experience shows that no-one can.
Right, but that's lead to a de-facto encoding rule of "The originator encodes
it however they like, and everyone else re-encodes it (if required) using
memcpy()". The advantage of the format is that it's never tried to be
anything other than a pure binary-only format, so moving it over text-only
channels is handled at the next layer down (usually base64), rather than
trying to make the encoding itself text-only-capable and then finding yourself
in a world of pain when half the systems the stuff passes through mangle the
text.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
