Kai Kretschmann <K.Kretschmann@security-gui.de> writes:
> Did anyone read the announcement of the internet draft about sighttp
> last may?
> Any ideas, critics, comments are welcome. I did put a copy of the
> document to the website www.sighttp.org for further discussion.
The system you describe appears to have a number of problems:
(1) You don't make any provision for automatic key distribution.
This makes it very difficult to scale your solution.
(2) There's no way for clients to know whether a given page
should have a signature on it. Therefore it's possible
for an attacker who compromises the server to replace the
content with unsigned content of his own choice.
(3) <nosighttp> is insufficiently powerful. Many real systems
have large amounts of dynamic data, including substantial
HTML, on many pages. Rearchitecting these pages to isolate that
data will be difficult.
(4) Requiring the client verifier to perform significant HTML
parsing to detect and verify the <nosighttp> elements cuts
against the claim that this solution is simple to implement.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/