ietf-mailsig
[Top] [All Lists]

Re: SSP outbound signing policy

2005-07-31 14:51:36

Earl Hood wrote:

On July 30, 2005 at 07:38, Jim Fenton wrote:

And this second signature passes, we still might need to look up the SSP for
example.com because the policy might suggest no further signing was
expected.

This means that the addition of a valid signature to a message with a valid first-party signature could make it invalid. I'd like to understand what problem this solves; it doesn't seem to be protecting against abuse of the original message.

IMO, an additional assertion of accountability for a message shouldn't make it less valid.

The first signature is not made invalid if the second signature
can specify its role; i.e. the second signature is not bound
to the OA.

And even with that, if the second signature is binding to the
OA, it is invalid if the OA SSP disallows 3rd-party signing.  This
should have no effect on the first signature.
If the second signature binds to the OA, it is not a third-party signature, it is a first-party signature. A third-party signature is a signature that does not bind to the OA. So the third-party signing policy is irrelevant.

Now, what does the invalidness (is that a word?) of the second
signature mean?  How is this conveyed to the end-user?
If the message has a valid first-party signature, then that is considered sufficient to authorize the message and it is not generally necessary to display anything about other signatures in the message.

-Jim

<Prev in Thread] Current Thread [Next in Thread>