Re: Security hole: Digital Signing + Downloadable fonts
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 6 Dec 1996, PASZTOR Miklos wrote:
>
> My guess is that people generally want to sign their own material
> produced on their PC, and not web pages and similar things downloaded
> from anywhere.
> To tell the truth I do not see any reason to do that.
>
That's not the way I read the problem. Imagine a signed document served
up by a web server that says "you agree to pay $50023" but the line is in
a FONT command that tells your browser to display it in a particular font,
also on the web server. Now, that font could do a mapping that translates
all 5's and 0's into spaces. When you see the line in your browser then,
you'll read "you agree to pay $ 23".

The document's signature would check out, so you might think that what
you're seeing is valid, and agree to pay $50023 without knowing it.

It's not a question of character sets, as the font just takes a value and
spews out a corresponding bitmap. Whether the underlying encoding is
ASCII, UNICODE or some other thing makes no difference. (Not to
trivialize character set issues -- I just don't think they quite apply
here.)

In my mind, this is also a separate issue from PKIs or digital signatures.
If someone's going to intentionally set out to mislead people, there's not
much technology can do about it. Even if a solution is found for this
particular problem, something else is bound to crop up. Just because
someone can make an authenticable digital signature doesn't mean that they
can't lie.

Marc
========================================
Marc Branchaud
marcnarc@zoo.net
www.zoo.net/~marcnarc/
========================================
---- I'M LOOKING FOR A JOB! ---
I'm looking for a full-time career, and I'm willing to move
almost anywhere. You can see my CV on my web site.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQB1AwUBMqhxjlrdFXNdDxPlAQFtqAMAkrrbfVTukj3DKOgo0QfhgTkD0Wq79G4/
7QUeX2aQXdUezWq0v5uM7KNArZpvb4O04j8ojFTYDMnZvcv5v7gYKAFgZTDzcS6y
k9U6/lAPy62LF0ccOpub9c5s4nRyEOm+
=7uMl
-----END PGP SIGNATURE-----
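
The gap described in the message above (a signature covers the document's bytes, not the glyphs a font draws for them), shown as an added example that is not part of the original post. The toy font table, `make_font`, `digest`, `displayed` and `audit_font` are hypothetical names constructed for illustration; a SHA-256 digest stands in for the signed value.

```python
import hashlib

# Constructed sample: the line quoted in the message.
DOC = "you agree to pay $50023"

def make_font(blanked=""):
    """Toy font (assumption, not a real font format): char -> glyph label.
    Characters listed in `blanked` are remapped to draw nothing."""
    font = {ch: "glyph<%s>" % ch
            for ch in "0123456789$abcdefghijklmnopqrstuvwxyz"}
    font[" "] = ""            # a space legitimately draws nothing
    for ch in blanked:
        font[ch] = ""         # remapped: looks like a space on screen
    return font

def digest(document):
    """Stand-in for the signed value: computed over the bytes only."""
    return hashlib.sha256(document.encode("utf-8")).hexdigest()

def displayed(document, font):
    """What the reader sees: characters with an empty glyph look blank."""
    return "".join(ch if font.get(ch) else " " for ch in document)

def audit_font(document, font):
    """Return the visible characters used by the document that the font
    renders as blank, or identically to another character in use."""
    by_glyph = {}
    for ch in sorted(set(document)):
        by_glyph.setdefault(font.get(ch, ""), []).append(ch)
    suspicious = set()
    for glyph, chars in by_glyph.items():
        if glyph == "" or len(chars) > 1:
            suspicious.update(c for c in chars if not c.isspace())
    return sorted(suspicious)

if __name__ == "__main__":
    for name, font in (("honest", make_font()), ("remapped", make_font("50"))):
        print(name, "| digest", digest(DOC)[:12],
              "| shown:", repr(displayed(DOC, font)),
              "| flagged:", audit_font(DOC, font))
```

The digest is the same under both fonts, so verification alone cannot tell them apart; the audit only passes when every visible character the document uses has its own non-empty glyph.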