On Oct 30, 2009, at 6:03 PM, Michael Chen wrote:
Cullen,

The definition of StoredData at the opening of Section 6 and its Signature in Section 6.1 are confusing:

    struct {
      uint32 length;
      uint64 storage_time;
      uint32 lifetime;
      StoredDataValue value;
      Signature signature;
    } StoredData;

    The contents of this structure are as follows:

    length
      The length of the rest of the structure in octets.
    ...
    value
      The data value itself, as described in Section 6.2.
    signature
      A signature over the data value. Section 6.1 describes the signature computation. The element is formatted as described in Section 5.3.4

    6.1. Data Signature Computation

    Each StoredData ....

    The input to the signature algorithm is:

      resource_id + kind + StoredData + SignerIdentity

    Where these values are:
    ...
    StoredData
      The contents of the stored data value, as described in the previous sections, with the lifetime set to 0.

1) "length" seems to suggest it equals (sizeof(StoredData) - sizeof(length)), which means the size of StoredDataValue and Signature must be obtained before signing. No big deal, but the text should be more explicit and precise. Suggestion:

    length
      The size of the StoredData structure in octets excluding the size of length itself.

The wording is wrong and it should be simply "length = sizeof (StoredData)" because "the length is the size in octets of StoredData excluding all other fields". Please correct me if I am wrong, it's late.

2) The big problem is the signature input. In Section 6 the term "data value" appears in both the definition of "value" and "signature", which seems to suggest that the 3rd input block for the signature only refers to the "value" field. In Section 6.1, the instruction of setting "lifetime" to 0 before signing suggests the signature includes the rest of the fields PLUS the signature itself (the 3rd input block is "+ StoredData +").

If I am not mistaken, the correct definition for the signature input should be:

    resource_id + kind + storage_time + lifetime + value + SignerIdentity

The fact that "length" includes the size of the signature is somewhat awkward to be in the input. Excluding it does not degrade the security of the signature. If it is up to me, instead of setting "lifetime" to 0 before signing, why not exclude it altogether?

Where does the length field include the sizeof(signature)? See above.

3) "SignerIdentity" in this section should refer to its definition in Section 5.3.4 to prevent people from reading it as simply a 20-byte SHA1 hash value.

    SignerIdentity
      The signer identity as defined in Section 5.3.4, which MUST include a hash of the signer's certificate.

Thanks

--Michael

_______________________________________________
P2PSIP mailing list
P2PSIP at ietf.org
https://www.ietf.org/mailman/listinfo/p2psip
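
Added example, not part of the original messages or of the draft: the two readings of the Section 6.1 signature input discussed in this thread, serialized side by side so the dependence on the signature field is visible. The big-endian packing, the uint32 encoding of kind, the treatment of resource_id, value, signature and SignerIdentity as already-encoded byte strings, and all sample values are assumptions made for illustration.

```python
import struct

LIFETIME_OFFSET = 4 + 8  # after uint32 length and uint64 storage_time


def encode_stored_data(storage_time, lifetime, value, signature):
    """Serialize StoredData; 'length' counts the octets that follow it."""
    rest = struct.pack("!QI", storage_time, lifetime) + value + signature
    return struct.pack("!I", len(rest)) + rest


def input_whole_struct(resource_id, kind, stored_data, signer_identity):
    """Literal reading of 6.1: the entire StoredData with lifetime set to 0.

    This pulls 'length' and the signature field itself into the input.
    """
    zeroed = (stored_data[:LIFETIME_OFFSET] + b"\x00" * 4
              + stored_data[LIFETIME_OFFSET + 4:])
    return resource_id + struct.pack("!I", kind) + zeroed + signer_identity


def input_field_list(resource_id, kind, storage_time, lifetime, value,
                     signer_identity):
    """Field-by-field reading proposed in the thread (no length, no signature)."""
    return (resource_id + struct.pack("!I", kind)
            + struct.pack("!QI", storage_time, lifetime)
            + value + signer_identity)


def demo():
    # Constructed sample values; kind as uint32 is an assumption.
    rid, kind, sid = b"\x11" * 16, 7, b"signer-id"
    a = encode_stored_data(1000, 3600, b"hello", b"SIG-A")
    b = encode_stored_data(1000, 3600, b"hello", b"SIG-B")
    return {
        "length": struct.unpack("!I", a[:4])[0],
        "whole_depends_on_signature":
            input_whole_struct(rid, kind, a, sid)
            != input_whole_struct(rid, kind, b, sid),
        "field_list": input_field_list(rid, kind, 1000, 0, b"hello", sid),
    }


if __name__ == "__main__":
    print(demo())
```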