Kai Kretschmann <K.Kretschmann@security-gui.de> writes:
> Did anyone read the announcement of the internet draft about sighttp
> last May?
> Any ideas, critics, comments are welcome. I did put a copy of the
> document to the website www.sighttp.org for further discussion.

The system you describe appears to have a number of problems:

(1) You don't make any provision for automatic key distribution. This
makes it very difficult to scale your solution.

(2) There's no way for clients to know whether a given page should have
a signature on it. Therefore it's possible for an attacker who
compromises the server to replace the content with unsigned content of
his own choice.

(3) <nosighttp> is insufficiently powerful. Many real systems have large
amounts of dynamic data, including substantial HTML, on many pages.
Rearchitecting these pages to isolate that data will be difficult.

(4) Requiring the client verifier to perform significant HTML parsing to
detect and verify the <nosighttp> elements cuts against the claim that
this solution is simple to implement.

-Ekr

--
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/
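To make points (2) and (4) concrete, here is a small verifier model added to this thread; it is not code from the sighttp draft or from either poster. The X-SigHTTP header name, the use of an HMAC in place of the draft's public-key signature, the regex stripping of <nosighttp> regions and the sample page are all assumptions; the point it shows is that without an out-of-band "this page must be signed" policy a stripped page is accepted.

```python
import hashlib
import hmac
import re

# Constructed stand-in for the draft's wire format (assumption): the body
# carries <nosighttp>...</nosighttp> regions that are excluded from the
# signed content, and the signature travels in a hypothetical X-SigHTTP
# header. A keyed HMAC replaces the draft's public-key signature here;
# the acceptance logic is the same either way.
NOSIG_RE = re.compile(r"<nosighttp>.*?</nosighttp>", re.DOTALL)


def canonical(body: str) -> bytes:
    """Strip the dynamic regions; only what remains is covered by the tag.
    A regex is not an HTML parser: if browser and verifier disagree on where
    a region starts or ends, they cover different bytes (point 4)."""
    return NOSIG_RE.sub("", body).encode()


def sign(key: bytes, body: str) -> str:
    return hmac.new(key, canonical(body), hashlib.sha256).hexdigest()


def verify(key: bytes, headers: dict, body: str, signature_expected: bool) -> bool:
    """signature_expected is the per-page policy the draft lacks (point 2):
    without it, a missing header cannot be told apart from a never-signed page."""
    tag = headers.get("X-SigHTTP")
    if tag is None:
        return not signature_expected
    return hmac.compare_digest(tag, sign(key, body))


def scenarios() -> dict:
    key = b"constructed-demo-key"  # constructed sample key
    page = "<h1>Price list</h1><nosighttp>Generated 10:00</nosighttp><p>10 USD</p>"
    signed = {"X-SigHTTP": sign(key, page)}
    rotated = page.replace("10:00", "10:05")   # only the dynamic region differs
    altered = page.replace("10 USD", "1 USD")  # static content differs
    stripped = "<h1>Price list</h1><p>1 USD</p>"  # content replaced, header dropped
    return {
        "genuine": verify(key, signed, page, True),
        "dynamic_changed": verify(key, signed, rotated, True),
        "static_changed": verify(key, signed, altered, True),
        "stripped_no_policy": verify(key, {}, stripped, False),
        "stripped_with_policy": verify(key, {}, stripped, True),
    }
```

The "stripped_no_policy" case is the one point (2) describes: the verifier has nothing to check against, so the replaced page passes; only the pinned policy in "stripped_with_policy" rejects it.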