Re: signature/encryption tags

Brian Behlendorf (brian@wired.com)
Mon, 10 Apr 95 21:13:27 EDT

On Mon, 10 Apr 1995, Milton Anderson wrote:
> Work on how signatures are applied to paper documents in
> financial transactions has pretty much convinced me that
> cryptographic signatures should be considered a property of a
> document at the application level. This is in distinction to
> signatures and/or encryption used at the transport or file
> system security level.
..
> Consequently, the HTML syntax may be a good candidate for:
> - defining a structure of blocks over which hashes
> and signatures are computed, and
> - identifying the hash values, signature values,
> keys, algorithm parameters and other components needed by the
> signature system (including certificates in HTML syntax
> instead of ASN.1?).

Couldn't this be better solved by making the signed document a MIME compound
document instead of trying to force syntax and features into HTML which
could change in the future? Create a MIME type for a digital signature
(I'd be surprised if one didn't already exist) and point it at the HTML
segment that preceded it. It's indisputable that most modern operating
systems have a problem with the concept of compound documents (though I
think NeXT got close), but I just have the feeling that when you have
orthogonal data types that must be tightly bound together, it's the right
way to go.

The lack of compound document support limits other applications as well -
for example, how do I mail someone an HTML document, including GIFs,
so that when an HTML-capable mail reader views it they see the images as
inlined by the HTML document? The first glimmer of support for it is in
Netscape's ability to read USENET news postings done in MIME multipart,
though I have yet to see this in action.

Why do I feel HTML and digital signatures are orthogonal? It just feels like
they have different purposes, different groups of people controlling their
revision schedules, and vastly different programming code sets that use them.
I want to be able to digitally sign my PostScript and GIF files. I want to
be able to use PGP 6.0 to sign my HTML when it comes out, even though the
syntax and semantics of how that works may be completely different from 2.6.
I might also want to sign/verify the accuracy of *other* people's documents,
documents where I might not have write permission.

Saying "this belongs in HTTP" is not saying "this is a transport issue",
since HTTP is also used to describe meta-information about a document - its
content type, its last-modified date, to some capacity its version number,
and in the future perhaps where revisions/annotations to the document exist.
So, I say "this belongs in HTTP" since that's where meta-information belongs,
and I classify signing a document as a piece of meta information.

Having said that, why not use the <META> tag for these purposes in the
short term?

Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@hotwired.com brian@hyperreal.com http://www.hotwired.com/Staff/brian/
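
Added example, not part of the original message: a sketch of the compound-document approach argued for above, where the signature travels as its own MIME part after the document it covers, so the same code signs HTML or a GIF without touching either format. The `application/x-example-signature` type, the key and the helper names are assumptions made for illustration, and HMAC-SHA256 stands in for a real public-key signature such as PGP.

```python
import hashlib
import hmac
from email import encoders, message_from_bytes
from email.mime.base import MIMEBase
from email.mime.multipart import MIMEMultipart

KEY = b"constructed-demo-key"        # constructed; stand-in for a signer's key
SIG_SUBTYPE = "x-example-signature"  # hypothetical MIME subtype, not a registered one

def _part(content, maintype, subtype):
    """Wrap raw bytes as one base64-encoded MIME part."""
    part = MIMEBase(maintype, subtype)
    part.set_payload(content)
    encoders.encode_base64(part)
    return part

def _mac(part):
    """Bind the part's content type and its decoded body bytes."""
    data = part.get_content_type().encode() + b"\0" + part.get_payload(decode=True)
    return hmac.new(KEY, data, hashlib.sha256).hexdigest().encode()

def sign(content, maintype, subtype):
    """Return a two-part compound document: the data, then its signature."""
    doc = _part(content, maintype, subtype)
    msg = MIMEMultipart("mixed")
    msg.attach(doc)
    msg.attach(_part(_mac(doc), "application", SIG_SUBTYPE))
    return msg.as_bytes()

def verify(raw):
    """Check that the second part signs exactly the first part."""
    msg = message_from_bytes(raw)
    parts = msg.get_payload() if msg.is_multipart() else []
    if len(parts) != 2 or parts[0].is_multipart():
        return False
    if parts[1].get_content_type() != "application/" + SIG_SUBTYPE:
        return False
    return hmac.compare_digest(parts[1].get_payload(decode=True), _mac(parts[0]))

def swap_document(raw, content, maintype, subtype):
    """Replace the signed part but keep the old signature part (tamper test)."""
    msg = message_from_bytes(raw)
    msg.get_payload()[0] = _part(content, maintype, subtype)
    return msg.as_bytes()

if __name__ == "__main__":
    html = b"<html><body><p>Pay 100 to Alice</p></body></html>"  # constructed sample
    signed = sign(html, "text", "html")
    print(verify(signed))
    print(verify(swap_document(signed, html.replace(b"100", b"900"), "text", "html")))
```

Because the content type is part of the signed data, relabelling the same bytes as a different type also fails verification.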