Saturday, February 28, 2009


Could you sign here, please? (cont'd)

Three years after I blogged about the dangers in XML Signatures, the W3C has finally, officially, come up with a document highlighting the security hazards of XML Signatures. Check out:

XML Signature Best Practices

This makes for very, very good reading. I recommend this to all of you playing with SAML assertions, WS-Security, XAdES, XKMS, you name it. Some of you might finally realize why certain people can just walk through your web service security without any problem. :) Quite recently I had to explain to some girl implementing a SAML security module at FedICT why the heck you need to change the principal identifier and recheck the signature digest value for change. Isn't that fun or what? Sometimes I've got the feeling that I'm the only one seeing these kinds of, well, let me call them, opportunities. As D. told me a while ago in Paris, "it takes a sick mind to understand how to break into a system." I looked at him and thought the same. :) And indeed, once you think in a particular way about things, it's fun all over the place.

It's time for general awareness about the dangers in XML Signatures, and the W3C is finally detailing them. My congratulations to the team working on this. Now, if someone could find the time to write about how to prevent all the listed attacks using the Apache XML Security Java library, I would be even more delighted.
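The check mentioned above (change the principal identifier, then confirm the digest no longer matches) can be run as a regression test against any verifier. The sketch below is an added example, not code from this post or from the Apache XML Security library. It assumes a simplified, namespace-free document with hypothetical element names, uses the standard library's C14N 2.0 instead of the canonicalization a real `SignedInfo` would name, and covers only the `Reference` digest, not the `SignatureValue`.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

def digest(elem):
    """Base64 SHA-256 over the canonical form of a single element."""
    c14n = ET.canonicalize(ET.tostring(elem, encoding="unicode"))
    return base64.b64encode(hashlib.sha256(c14n.encode("utf-8")).digest()).decode()

def build_doc(name_id):
    """Constructed sample: stand-in for a response carrying one signed assertion.
    Element names and the ID attribute are assumptions made for this sketch."""
    assertion = (f'<Assertion ID="a1"><Subject><NameID>{name_id}</NameID>'
                 f'</Subject></Assertion>')
    dv = digest(ET.fromstring(assertion))
    return ET.fromstring(
        f'<Response>{assertion}<Signature><Reference URI="#a1">'
        f'<DigestValue>{dv}</DigestValue></Reference></Signature></Response>')

def verified_principal(doc):
    """Return NameID only from the element the Reference covers, else None."""
    ref = doc.find("./Signature/Reference")
    if ref is None or not ref.get("URI", "").startswith("#"):
        return None
    target_id = ref.get("URI")[1:]
    matches = [e for e in doc.iter() if e.get("ID") == target_id]
    if len(matches) != 1:          # missing or duplicated ID: refuse to guess
        return None
    if digest(matches[0]) != ref.findtext("DigestValue"):
        return None                # content changed after the digest was taken
    # Read the principal from the verified element, never from a separate lookup.
    return matches[0].findtext("./Subject/NameID")

def tamper_test():
    """Change the principal identifier and recheck: the second read must fail."""
    doc = build_doc("alice")
    before = verified_principal(doc)
    doc.find("./Assertion/Subject/NameID").text = "bob"
    after = verified_principal(doc)
    return before, after

if __name__ == "__main__":
    print(tamper_test())
```

If `after` ever comes back as a principal name instead of `None`, the module is reading the identifier from content the signature does not cover.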

