ietf-smime

ESS MLA Attributes Comment

1998-02-18 06:53:08
All,

The 16 Feb 98 ESS, sec 4.2, intro, 3rd para, states:
"When the MLA creates the new attribute list for its signature, the MLA
MUST propagate forward each attribute in the old signature, unless the MLA
explicitly replaces the attribute with a new value. An MLA will frequently
encounter attributes, or parts of attributes, which it does not
understand. Attributes such as security labels cannot be removed from
the new signature being created without compromising the security of the
system. Because it is impossible to enumerate the future list of attributes
which have security implications, an MLA MUST propagate forward all
attributes which it does not explicitly replace."


I agree with the intent of the aforementioned paragraph that the MLA MUST
propagate forward each authenticated attribute present in the old outermost
signature, unless the MLA explicitly replaces the attribute with a new
value.  However, I disagree with some of the other statements in the text
and I believe that the text needs to be more precise.  Propose that the
aforementioned text should be deleted and that the following changes should
replace it:

1) sec 4.2.2, bullet 3.2.1 should be changed as follows:

 OLD: 3.2.1. The MLA strips the existing outermost SignedData layer after
             remembering the value of the mlExpansionHistory attribute in that
             layer, if one was there.

 NEW: 3.2.1. The MLA strips the existing outermost SignedData layer after
             remembering the value of the mlExpansionHistory and all other
             authenticated attributes in that layer, if present.


2) sec 4.2.2, bullet 3.2.3, first para, should be changed as follows:

 OLD: 3.2.3. The MLA adds an mlExpansionHistory attribute. The SignedData
             layer created by the MLA replaces the original outermost SignedData
             layer.

 NEW: 3.2.3. The outermost signedData layer created by the MLA replaces the
             original outermost signedData layer.  The MLA MUST create an
             authenticated attribute list for the new outermost signedData
             layer which MUST include each authenticated attribute present
             in the original outermost signedData layer, unless the MLA
             explicitly replaces the attribute with a new value.  For
             example, the MLA MUST include the securityLabel attribute
             present in the original outermost signedData layer unless it
             replaces that attribute with a new securityLabel attribute
             that it creates.  A special case is the mlExpansionHistory
             attribute.  The MLA MUST add an mlExpansionHistory
             authenticated attribute to the outer signedData layer as
             follows: ....

Note: The proposed 3.2.3 change specifies that the MLA can replace the
securityLabel in the outermost signedData layer, not the innermost
signedData layer.  The MLA can never change any of the authenticated
attributes in the innermost signedData layer (including the securityLabel)
because that would break the original signer's signature of the innermost
signedData layer.

================================
John Pawling   
jsp(_at_)jgvandyke(_dot_)com                             
J.G. Van Dyke & Associates, Inc.           
================================
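
The propagation rule proposed in the message above, sketched as an added example (not code from the message, the ESS draft, or any S/MIME implementation). The function names, the constructed "unknown" OID, and the opaque byte-string values are assumptions; how the mlExpansionHistory value itself is built is outside the example, so the caller supplies it.

```python
# Added example: attribute values are constructed opaque byte strings, not real DER.
SECURITY_LABEL = "1.2.840.113549.1.9.16.2.2"        # id-aa-securityLabel
ML_EXPANSION_HISTORY = "1.2.840.113549.1.9.16.2.3"  # id-aa-mlExpandHistory
UNKNOWN_ATTR = "1.3.6.1.4.1.99999.1"                # constructed OID the MLA cannot parse

# Constructed sample: attributes remembered from the stripped outermost layer.
OLD_OUTER = [(SECURITY_LABEL, b"label-v1"), (UNKNOWN_ATTR, b"\x04\x03abc")]


def build_outer_attributes(old_attrs, replacements):
    """Return the attribute list for the MLA's new outermost signedData layer.

    old_attrs: list of (oid, value_bytes) from the original outermost layer.
    replacements: dict of oid -> value_bytes that the MLA explicitly sets.
    """
    # Special case: the MLA must always add an mlExpansionHistory attribute.
    if ML_EXPANSION_HISTORY not in replacements:
        raise ValueError("MLA must supply an mlExpansionHistory attribute")
    new_attrs = []
    seen = set()
    for oid, value in old_attrs:
        seen.add(oid)
        # An explicit replacement wins; everything else is copied
        # byte-for-byte, whether or not the MLA understands it.
        new_attrs.append((oid, replacements.get(oid, value)))
    # Attributes the MLA sets that were absent from the old layer are appended.
    new_attrs += [(oid, v) for oid, v in replacements.items() if oid not in seen]
    return new_attrs


def dropped_attributes(old_attrs, new_attrs):
    """Audit check: OIDs in the old outer layer that are missing from the new one."""
    kept = {oid for oid, _ in new_attrs}
    return [oid for oid, _ in old_attrs if oid not in kept]


if __name__ == "__main__":
    new_outer = build_outer_attributes(OLD_OUTER, {ML_EXPANSION_HISTORY: b"history-v1"})
    for oid, value in new_outer:
        print(oid, value)
    print("dropped:", dropped_attributes(OLD_OUTER, new_outer))
```

The example touches only the outermost layer's attribute list; the innermost signedData layer is never passed in, so it cannot be altered.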



