IETF Logo W3C Logo

Author: Joseph Reagle

Audience: XML'99

Question: What does XML Signature look like, what are the issues?

References:

  1. http://www.w3.org/TR/1999/WD-xmldsig-core-19991119/ [revised WD]
  2. http://www.w3.org/TR/1999//WD-xmldsig-requirements-19991014 [Going to InfoRFC]

XML Signature

Joseph M. Reagle Jr.
<reagle@w3.org>

IETF/W3C XML Signatures Co-Chair
W3C/LCS/MIT

Agenda

  1. Working Group Background
  2. Design Principles/Goals
  3. Technical Design and Open Issues
  4. The Near Future

This presentation is merely one WG member's view/interpretation of the work with a bias of my expectation/hope for future direction.

Background

Design Principles/Goal

  1. The specification must describe how to use XML syntax to represent a signature over digital content (and XML content in particular).
  2. XML-signatures are generated from a hash over a list of references and the digest value of the references' content.
  3. The meaning of a signature is simple:  The XML-signature syntax associates the content of resources listed with a key via a strong one-way transformation.

Present Design Overview

<Signature>
  <SignedInfo>
    (CanonicalizationMethod)
    (SignatureMethod)
    (ObjectReference)+
  </SignedInfo>
  (SignatureValue)
  (KeyInfo)?
  (Object)*
</Signature>

"Signature Validation"

Must be clear by what we mean when a signature is "valid"

Signature Validation
Does the SignatureValue matches the result of processing SignedInfo with  CanonicalizationMethod and SignatureMethod as specified in 6.2? (Did SignedInfo or key change?)
Reference Validation
Does the DigestValue of the derferenced URI matches the DigetsValue in SignedInfo? (Did the content referenced from SignedInfo change.)
Trust/Application Validation
Does the application trust the signed assertions? (Was the key strong enough, is it from a trusted party, was it signed by a non-buggy application?)

Present Design Example

<Signature ID="5"
           xmlns="http://www.w3.org/1999/10/signature-core">
  <SignedInfo> ; scope of sig processing
    <CanonicalizationMethod ; for SignedInfo
      Algorithm="http://www.w3.org/1999/xmldsig-core/c14n"/>
    <SignatureMethod Algorithm="dsig:dsaWithSHA-1"/> 
    <ObjectReference URI="www.mypage.com" ; points to resource
      <DigestMethod Algorithm="http://...sha1"/>
      <DigestValue>a53uud43</DigestValue>
    </ObjectReference>
    <ObjectReference IDREF="#timestamp" ; points to resource
      Type="http://www.w3.org/1999/sig1/signatureattributes">
      <Transforms> ; source tree to output octect
        <Tranform name="http://www.w3.org/1999/xmldsig-core/c14n"/>
      </Transforms>
      <DigestMethod Algorithm="http://...sha1"/>
      <DigestValue>a53uud43</DigestValue>
    </ObjectReference>
  </SignedInfo>
  <Object ID="timestamp">
    <timestamp about="#5"
         xmlns="http://www.ietf.org/rfc/1234">
      <date>19990908</date>
      <time>14:34:34:34</time>
    </timestamp>
  </Object>
  <SignatureValue
   encoding="urn:ietf-org:base64">dd2323dd</SignatureValue>
  <KeyInfo> ; not necessarily signed!
     <keyname>Solo</keyname>
  </KeyInfo>
</Signature>

SignedInfo

  <SignedInfo> ; scope of sig processing
    <CanonicalizationMethod ; for SignedInfo
      Algorithm="http://www.w3.org/.../xml-c14n"/>
    <SignatureMethod Algorithm="dsig:dsaWithSHA-1"/> 
    <ObjectReference URI="http://www.myhome.com" ; points to object
     ...
    </ObjectReference>
    <ObjectReference IDREF="#timestamp" ; points to object
     ...
    </ObjectReference>
  </SignedInfo>

ObjectReference

<ObjectReference IDREF="#timestamp" ; points to object
  Type="http://www.w3.org/1999/xmldsig-core/SignatureAttributes">
  <Transforms> ; source tree to output octect
     <Transform Algorithm="http://w3.org/1999/XPath"/>
     <Transform Algorithm="http://w3.org/1999/xmldsig-core/c14n"/>
   </Transforms>
  <DigestMethod Algorithm="http://w3.org/1999/xmldsig-core/sha1"/>
  <DigestValue>a53uud43</DigestValue>
</ObjectReference>

Processing

Reference Validation

  1. locate object and apply Transforms to the specified resource based on each ObjectReference(s) in the SignedInfo element.
  2. calculate digest over each transformed signed object(s)
  3. compare value against DigestValue in SignedInfo for each reference (if any mismatch, validation fails).

Signature Validation

  1. canonicalize the SignedInfo element based on the CanonicalizationMethod, if any, in SignedInfo.
  2. obtain the validation keying info from KeyInfo or externally.
  3. validate the SignatureValue based on the SignatureMethod in the SignedInfo

The Future