[Top] [All Lists]

Re: cryptographically verifiable fields

2004-01-19 05:12:43

In <400A5CC6(_dot_)1070603(_at_)verizon(_dot_)net> Bruce Lilly 
<blilly(_at_)verizon(_dot_)net> writes:

Keith Moore wrote:

That, and there is a semantic difference between a signed message and 
a cryptographically verifiable trace field in a message.

Could somebody outline a process whereby a single field or group of 
fields in a
message could be signed, with the following conditions:
1. the mechanism is robust w.r.t. common types of message munging 
(reordered fields,
   possible dropping of fields (obviously, let's assume that the field 
that is signed isn't
   dropped), addition of trailing whitespace, etc.)
2. the mechanism is not subject to replay attacks (e.g. copying the 
signed field from one
   message to another)

Usefor did some work on this (but for other reasons). However, it was
decided it was a step too far for the current draft, but a possibility for
a later 'security' document.

The internet-draft has expired now, but you can still find it on

It included a very elaborate canonicalization. Even so, I would write it
differently now. And worse things have happened since I wrote it, for
example how do you canonicalize IDNA domain names, as UTF-8 or as

Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web:
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, 
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5