Cryptographic authentication of VOEvents

John Swinbank swinbank at transientskp.org
Wed Sep 12 07:25:29 PDT 2012


Hi Norman, all,

On 12 Sep 2012, at 00:43, Norman Gray <norman at astro.gla.ac.uk> wrote:

> 
>>> I can't help feeling, however, that the suggested practice of simply signing the serialised XML document, as a binary blob, is a little ... unambitious, and will lead to hassles later.
>> 
>> I'm a little on the fence about this. On general principle, I agree; however, I've seen few really convincing examples of what those hassles might be. I note the examples in your document ("if you want to do anything with the XML… [or] round-trip [it] into a system which doesn't know about your signature"), and find them somewhat persuasive but not compelling.
>> 
>> I'd be genuinely interested in a real-world application where regarding the VOEvent as an opaque bitstream to be signed causes serious problems.
> 
> I'm a bit of a tourist in this WG, so others will have to add detailed use-cases.  However the fact that you effectively have to abandon the signature as soon as a document enters an XML parser, seems an obvious massive downside.  You have to abandon the signature because it's axiomatic in any XML processing system that the serialisation -- the collection of angle brackets -- doesn't matter, so if it's the serialisation and not the content that you've signed, then you're going right against the grain.  Good engineering goes with the grain.

Broadly speaking I agree, but I'm pretty sure that others won't, and I can't articulate a good, practical use case which this would enable. I would love for another member of this WG to step up and demonstrate how this will enable science which would otherwise be impossible.

[…]

Many thanks for all the elided explanations!

> I can see no reason why this would be hard to implement in any language which had an analogous API.  The Xerces-C parser has an API <http://xerces.apache.org/xerces-c/program-sax2-3.html> which directly mimics SAX.  Python has a SAX-like implementation, too <http://docs.python.org/library/xml.sax.html>

Unfortunately, www.astro.gla.ac.uk appears to be offline today, so I can't refer to your specifications. However, I spent an informative half hour learning about SAX in Python, and agree that this isn't as hard a problem as I first thought. It does still add a significant level of complexity beyond treating the XML as an opaque payload, though – as above, a really concrete justification for that would help.

Cheers,

John
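
The trade-off discussed in this message, as an added example that is not part of the original email: a signature over the serialised bytes fails after an XML parse and re-serialise, while one over a canonical form survives it and still detects a content change. Assumptions: an HMAC stands in for a real public-key signature, the packet and key are constructed, and canonicalisation uses the standard library's W3C C14N 2.0 rather than the SAX-based scheme referred to in the thread, which this page does not show.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

KEY = b"constructed-demo-key"  # constructed; stand-in for a real signing key

# Constructed sample packet, not a real VOEvent.
ORIGINAL = (
    b'<?xml version="1.0"?>\n'
    b'<VOEvent ivorn="ivo://example/demo#1" role="test" version="2.0">\n'
    b'  <Who><AuthorIVORN>ivo://example/author</AuthorIVORN></Who>\n'
    b'  <Why importance="0.5"/>\n'
    b'</VOEvent>\n'
)

def sign_bytes(doc: bytes) -> str:
    """Sign the serialisation: MAC over the exact byte stream."""
    return hmac.new(KEY, doc, hashlib.sha256).hexdigest()

def sign_content(doc: bytes) -> str:
    """Sign the content: MAC over the C14N 2.0 canonical form."""
    canonical = ET.canonicalize(xml_data=doc.decode("utf-8"))
    return hmac.new(KEY, canonical.encode("utf-8"), hashlib.sha256).hexdigest()

def verify(sign, doc: bytes, tag: str) -> bool:
    """Recompute the tag with the given scheme and compare in constant time."""
    return hmac.compare_digest(sign(doc), tag)

def round_trip(doc: bytes) -> bytes:
    """Parse and re-serialise, as an XML-aware intermediary might."""
    return ET.tostring(ET.fromstring(doc))

def tamper(doc: bytes) -> bytes:
    """Change an attribute value, i.e. the content rather than the syntax."""
    return doc.replace(b'importance="0.5"', b'importance="0.9"')

if __name__ == "__main__":
    blob_tag, content_tag = sign_bytes(ORIGINAL), sign_content(ORIGINAL)
    relayed = round_trip(ORIGINAL)  # declaration dropped, empty tag rewritten
    print("bytes signature after round trip:  ", verify(sign_bytes, relayed, blob_tag))
    print("content signature after round trip:", verify(sign_content, relayed, content_tag))
    print("content signature after tampering: ",
          verify(sign_content, tamper(relayed), content_tag))
```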

