axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anne Thomas Manes <atma...@gmail.com>
Subject Re: WSDL with attachments
Date Fri, 29 Jul 2005 19:25:03 GMT
Ah.. but that would require a significant update to XML Signature.
Would you like to call NIST about it or should I? <grin>

Anne

On 7/29/05, Dennis Sosnoski <dms@sosnoski.com> wrote:
> These are complex topics that are straying away from Axis issues, since
> WS-Security is a given that we all need to work with. I'll just point
> out, though, that XML Canonicalization is only required because of the
> decision to base XML Signature on the *text* of the document, rather
> than the *content* of the document. It would have allowed for much more
> efficient implementation if Signature had been based on the Infoset, for
> instance. As it is, the reliance on the particular sequence of
> characters in the text format has repeatedly caused problems in Axis due
> to issues such as namespace prefixes which have absolutely nothing to do
> with the content of the document.
> 
>   - Dennis
> 
> Anne Thomas Manes wrote:
> 
> >I agree with you that the XML gateway appliance vendors will benefit
> >from widespread adoption of WS-Security. <grin>
> >
> >I'm not an expert in security, although I do know enough to know that
> >it's a remarkably complex topic. The security gods have reached the
> >conclusion that the best way to ensure end-to-end security and to
> >reduce security vulnerabilities when dealing with attachments is to
> >make them part of the SOAP message infoset. The documents I cited can
> >tell you why -- but you need a pretty deep understanding of security
> >threats and countermeasures to truly understand them. (I'm definitely
> >on shaky ground when reading them.)
> >
> >XML Signature requires XML Canonicalization because you absolutely
> >need to make sure that not one bit in the message changes to replicate
> >and validate a signature. That's just the way it is. The message may
> >get compressed or chunked or whatever in transit, so you have to be
> >able to reconstruct it exactly. Only canonicalization can ensure
> >perfect reconstruction.
> >
> >Anne
> >
> >On 7/28/05, Dennis Sosnoski <dms@sosnoski.com> wrote:
> >
> >
> >>Thanks for the pointers, Anne, I'll check out the documents.
> >>
> >>As to the issue of attachments not being part of the Infoset - honestly,
> >>that seems a much cleaner approach to me than making them look like
> >>base64 encoding, as done by MTOM. WS-Security (which in turn builds on
> >>XML Signature, which uses XML Canonicalization) is one of the most Rube
> >>Goldberg-ish contraptions in the history of technology. It's the
> >>equivalent of writing your data out in longhand on a whiteboard, taking
> >>a Polaroid of the whiteboard, signing that, and enclosing it with the
> >>transmission. The main beneficiaries of WS-Security would seem to be the
> >>manufacturers of XML appliances, which suddenly have a huge potential
> >>market.
> >>
> >>IMHO there's no reason why WS-Security couldn't have been designed with
> >>attachments in mind, and implemented the sensible approach of just
> >>encrypting or signing the binary format directly.
> >>
> >>  - Dennis
> >>
>

Mime
View raw message