Integrity Signature Header is Under-Specified #2
Comments
+1. Also, the tricky part of this is describing what is being signed; the body is a given, but headers need careful consideration.
@mnot I think it may be a mistake to allow signers to choose what subset of headers is signed. e.g. http://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html#breaking shows how to break DKIM in practice because people made bad choices about what to sign and what unsigned content to trust. We may need to have the Also see #5 for an argument to include the URL and maybe other request headers.
Canonicalisation is the big concern. Sometimes people don't have access to the exact bytes of their headers, sometimes implementations try to be "helpful", and sometimes middle boxes do things. Also, the set of significant headers for signing can change both over use cases and time. There probably needs to be a minimal set of headers, and the ability to add to it. C
Closing this in favor of #16.
The Integrity: header is only introduced as:
1a. It would likely be easiest if this were to have the same general format as the integrity attribute, with multiple allowed values, and multiple headers being treated the same as their concatenated values.
1b. Not sure if comma separation of tokens should also be allowed, or whether that's a Chromium-specific thing.
2. The prefix "ed25519-" is used to specify the key in the main resource, but used to specify the signature in the header. These should probably be different prefixes, as these are different things with different lengths.
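
The ambiguities raised in points 1a, 1b and 2, as an added example that is not part of the issue or the project's code: a Node.js parser that combines multiple header values, optionally accepts commas, and can only tell an `ed25519-` key from a signature by decoded length. The `<alg>-<base64>` token shape is assumed from the SRI `integrity` attribute, and all function names and sample values are hypothetical.

```javascript
// Added example; function names and sample values are hypothetical.
// Assumption: tokens look like "<alg>-<base64>", as in the SRI integrity attribute.
const ED25519_KEY_LEN = 32; // bytes in an Ed25519 public key
const ED25519_SIG_LEN = 64; // bytes in an Ed25519 signature

// Point 1a: treat several header lines as one value.
// Point 1b: commas are accepted as separators only when allowCommas is set.
function splitIntegrityTokens(headerValues, { allowCommas = true } = {}) {
  const combined = headerValues.join(allowCommas ? ", " : " ");
  const separator = allowCommas ? /[\s,]+/ : /\s+/;
  return combined.split(separator).filter((t) => t.length > 0);
}

// Point 2: with one shared "ed25519-" prefix, the decoded length is the only
// thing that separates a public key from a signature.
function classifyToken(token) {
  const dash = token.indexOf("-");
  if (dash <= 0) return { token, kind: "invalid", reason: "no algorithm prefix" };
  const alg = token.slice(0, dash).toLowerCase();
  const b64 = token.slice(dash + 1);
  // Strict check: Buffer.from() silently skips bad characters otherwise.
  if (!/^[A-Za-z0-9+/]+={0,2}$/.test(b64) || b64.length % 4 !== 0) {
    return { token, kind: "invalid", reason: "not padded base64" };
  }
  const len = Buffer.from(b64, "base64").length;
  if (alg !== "ed25519") return { token, kind: "other", alg, len };
  if (len === ED25519_KEY_LEN) return { token, kind: "public-key", alg, len };
  if (len === ED25519_SIG_LEN) return { token, kind: "signature", alg, len };
  return { token, kind: "invalid", reason: `unexpected ed25519 length ${len}` };
}

function parseIntegrityHeaders(headerValues, opts) {
  return splitIntegrityTokens(headerValues, opts).map(classifyToken);
}

// Constructed samples: all-zero bytes, not real keys, signatures or digests.
const sampleKey = "ed25519-" + Buffer.alloc(32).toString("base64");
const sampleSig = "ed25519-" + Buffer.alloc(64).toString("base64");
const sampleHash = "sha256-" + Buffer.alloc(32).toString("base64");
const sampleHeaders = [`${sampleSig}, ${sampleKey}`, sampleHash];

// Same input, two readings of point 1b.
console.log(parseIntegrityHeaders(sampleHeaders).map((r) => r.kind));
console.log(parseIntegrityHeaders(sampleHeaders, { allowCommas: false }).map((r) => r.kind));
```

With commas disallowed, the first token keeps its trailing comma and is rejected, so the same response verifies or fails depending on which reading of 1b a client implements.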