Good catch, but this poses some difficulties. First is that it precludes ever encrypting a document after it is signed, as an encryption operation will write the manifest file. However, the existing encryption approach has a number of flaws, some serious, and this could be fixed if the encryption approach were updated. I'll put together a detailed proposal on that soon. This gotcha may be the cause of the mistake of not encrypting the documentsignatures.xml.
If you do not sign the manifest file, which would be another (quite bad) choice, then you're open to some fairly serious attacks where what's signed and what's rendered could be quite different.
The issue I was thinking of when I made that exclusion was that some servers may want to change benign metadata which is outside the signature. If everything were signed, then this would break the signature in one way or the other - if the metadata existed at signing time, then the server would break the signature, if not, then an evaluation of the signature would find that things were missing, and may choose to declare it a partial or even invalid signature. OOXML files run into the issue of benign metadata being added or edited with SharePoint, and I was thinking that other document repositories may have similar behaviors.
Perhaps it needs to read:
If all of the document is to be signed, all files within the archive, excepting files contained within the META-INF folder, shall be contained within the signature by creating a Reference element for each as defined in [xmldsig]. The manifest.xml file within the META-INF folder shall be signed. Other files within the META-INF folder may be signed.
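The rule proposed above (every part outside META-INF gets a Reference, manifest.xml is always referenced, other META-INF parts may be) can be checked mechanically by a verifier before it trusts a rendered document. The script below is an added example for this thread, not code from the OASIS ODF TC or from any of the people quoted here. It builds a constructed sample package in memory, reads the Reference elements from META-INF/documentsignatures.xml, and reports which parts are covered with a matching digest, which are referenced but altered, which are referenced but absent from the archive, and which are present but never referenced. Assumptions: digests are taken over the raw zip entry bytes (real ODF signers apply canonicalisation transforms to XML parts first, which this check ignores), only the SHA-256 DigestMethod is recognised, and the `mimetype` part is deliberately left out of the sample's References so the gap shows up in the report.

```python
"""Check which parts of an ODF package the References in
META-INF/documentsignatures.xml cover, and whether META-INF/manifest.xml is among them.

Added example for this thread; not code from the ODF TC or any listed author.
Assumptions: raw-byte digests (no C14N transforms), SHA-256 only, constructed sample data.
"""
import base64
import hashlib
import io
import xml.etree.ElementTree as ET
import zipfile

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256"
SIG_PART = "META-INF/documentsignatures.xml"
MANIFEST_PART = "META-INF/manifest.xml"


def _sha256_b64(data: bytes) -> str:
    """Base64 SHA-256 digest, the form a DigestValue element carries."""
    return base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")


def build_sample_package(tamper: bool = False) -> bytes:
    """Constructed sample package (not a real document). content.xml, styles.xml and
    manifest.xml get References; 'mimetype' is left unreferenced on purpose.
    With tamper=True, content.xml is altered after the digests were computed."""
    parts = {
        "mimetype": b"application/vnd.oasis.opendocument.text",
        "content.xml": b"<office:document-content/>",
        "styles.xml": b"<office:document-styles/>",
        MANIFEST_PART: b"<manifest:manifest/>",
    }
    referenced = ["content.xml", "styles.xml", MANIFEST_PART]
    refs = "".join(
        f'<Reference URI="{name}"><DigestMethod Algorithm="{SHA256_URI}"/>'
        f"<DigestValue>{_sha256_b64(parts[name])}</DigestValue></Reference>"
        for name in referenced
    )
    # Wrapper root as in ODF 1.2 part 3; SignatureValue is a placeholder since only
    # Reference digests are checked here, not the signature itself.
    sig = (
        '<document-signatures xmlns="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0">'
        f'<Signature xmlns="{DSIG_NS}"><SignedInfo>{refs}</SignedInfo>'
        "<SignatureValue>placeholder</SignatureValue></Signature></document-signatures>"
    )
    if tamper:
        parts["content.xml"] = b"<office:document-content>changed</office:document-content>"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in parts.items():
            z.writestr(name, data)
        z.writestr(SIG_PART, sig)
    return buf.getvalue()


def signature_coverage(package: bytes) -> dict:
    """Classify every archive part against the signature's References."""
    with zipfile.ZipFile(io.BytesIO(package)) as z:
        names = [n for n in z.namelist() if not n.endswith("/")]
        tree = ET.fromstring(z.read(SIG_PART))
        referenced = {}
        for ref in tree.iter(f"{{{DSIG_NS}}}Reference"):
            method = ref.find(f"{{{DSIG_NS}}}DigestMethod")
            value = ref.find(f"{{{DSIG_NS}}}DigestValue")
            if method is None or value is None or method.get("Algorithm") != SHA256_URI:
                continue  # unknown digest method: the part is not verifiably covered
            referenced[ref.get("URI")] = (value.text or "").strip()
        report = {"covered": [], "mismatch": [], "unreferenced": [], "missing": [],
                  "manifest_signed": MANIFEST_PART in referenced}
        for name in names:
            if name == SIG_PART:
                continue  # a signature cannot reference its own SignatureValue
            if name not in referenced:
                # Other META-INF parts may stay unsigned under the proposed wording;
                # everything else, manifest.xml included, must be referenced.
                if name.startswith("META-INF/") and name != MANIFEST_PART:
                    continue
                report["unreferenced"].append(name)
            elif referenced[name] == _sha256_b64(z.read(name)):
                report["covered"].append(name)
            else:
                report["mismatch"].append(name)
        # Referenced parts that are no longer in the archive ("things were missing")
        report["missing"] = sorted(set(referenced) - set(names))
    return report


if __name__ == "__main__":
    for label, pkg in (("intact", build_sample_package()), ("tampered", build_sample_package(tamper=True))):
        print(label, signature_coverage(pkg))
```

A verifier that treats a non-empty `unreferenced`, `mismatch` or `missing` list, or `manifest_signed == False`, as grounds to report a partial or invalid signature implements the policy the proposed text describes; the server-side metadata problem raised above shows up here as a part in `unreferenced` (added after signing) or `mismatch` (edited after signing).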
________________________________________
From: Hanssens Bart [Bart.Hanssens@fedict.be]
Sent: Sunday, May 09, 2010 11:07 AM
To: David LeBlanc; robert_weir@us.ibm.com; office@lists.oasis-open.org
Subject: RE: [office] What to do about digital signatures
David,
nice work, I'll give it some thought.
One small remark:
> 2) (...) If all of the document is to be signed, all files within the archive, excepting files contained within the
> META-INF folder, shall be contained within the signature by creating a Reference element for each as
> defined in [xmldsig].
Manifest.xml is also in META-INF, probably it should read
"except the file within the META-INF folder containing the signature"
Kind regards,
Bart
PS: Rob, option #2 (send ODF 1.2 out for public review knowing that this issue is open, and commit to resolving
it when the public review ends) sounds good. I assume there will be (non-signature related) remarks anyway,
so that would probably lead to another 15-day review anyway.