ietf-smime

Re: Countersignature Security Consideration and proposed new counterSignatureScope attribute for ESS

1998-10-16 08:15:56
In response to Russ's request for the "Security Considerations" section of
CMS, I agree with others that CMS should not force a counter signer to
validate the original content, mainly for backward compatibility reasons.

However, because of an historical shortcoming in the counterSignature
attribute and as previously suggested by Dr. Steve Henson and Denis Pinkas
recently, I would like to propose a new attribute for ESS, which would have
to be present to explicitly indicate whether or not the countersigning
process has validated the original content. As noted above, this new
attribute would only be useful if CMS does not mandate a counter signer to
validate the original content.

For discussion on this mailing list, the suggested addition to ESS about
this new attribute could read as follows:

"6. Countersignature Scope Attribute

The counterSignature attribute from [CMS] includes a digital signature that
is computed on the content signature value, thus the countersigning process
need not know the original signed content. This structure permits
implementation efficiency advantages; however, this structure may also
permit the countersigning of an inappropriate signature value. Although
implementations that perform countersignatures could validate the original
signature value prior to countersigning it (this validation requires
processing of the original content), there are currently no means to
indicate that the original content was validated. This shortcoming, which
might be adequate in most circumstances, does not address scenarios where a
counter signer would have to explicitly indicate whether or not the
original content was validated.

To effectively define the scope of the countersignature, the
counterSignatureScope attribute MUST be present, in addition to existing
attributes that are currently allowed in a counterSignature (e.g.
counterSignature, messageDigest, signingTime, and signingCertificate).

The counterSignatureScope attribute MUST be a signed attribute; it cannot
be an unsigned attribute, an authenticated attribute, or an unauthenticated
attribute.

The following object identifier identifies the counterSignatureScope
content type:
  
        id-aa-counterSignatureScope OBJECT IDENTIFIER ::= { iso(1)
                member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
                smime(16) id-aa(2) <TBD> }

The definition of CounterSignatureScope is:

CounterSignatureScope ::=  INTEGER {
        content-validated       (0),
        -- the countersigning process has validated the content
        content-not-validated   (1)
        -- the countersigning process has NOT validated the content
}

A counterSignatureScope attribute must have a single attribute value."


Francois Rousseau
AEPOS Technologies
