MIME and OOXML digital signature

Doug Mahugh Doug.Mahugh at microsoft.com
Tue Jul 28 22:39:24 CEST 2009


Hi Murata-san,

That is correct, macros and encryption are not specified by 29500.

I would suggest changing the paragraph suggested by the IANA reviewer so that it doesn't say that "it may not be possible to rely on such signatures."  The digital signatures in ISO/IEC 29500 documents can be reliably used to determine whether content of the signed parts has changed, but of course that information is not available to implementations that do not implement support for OPC digital signatures.  So instead I propose something like this:

 > OOXML media types can employ digital signatures (ISO/IEC 29500-2, Clause 13) to make it possible to
 > detect tampering. However, OOXML documents may be constructed or alternated through a variety of means,
 > including generic XML editors or text editors, which may not implement OOXML digital signatures.  Such
 > modifications will make a digital signature invalid, but the document user would not be aware of this
 > fact until they open the document in software that implements OOXML digital signatures.

Regards,
Doug

-----Original Message-----
From: MURATA Makoto (FAMILY Given) [mailto:eb2m-mrt at asahi-net.or.jp]
Sent: Monday, July 27, 2009 8:01 PM
To: SC 34 WG4
Subject: MIME and OOXML digital signature

Dear colleagues,

I am trying to register media types of OOXML.

The IANA reviwer asked me a question:

> Makoto wrote:
> > However, when each part is exposed as a MIME body, it is not
> > controlled by office suites any more. It is certainly possible to reconstruct
> > OOXML documents after modifying core.xml by generic XML editors or even
> > text editors. If the original part is covered by OOXML digital signature (
> ISO/IEC
> > 29500-2, Clause 13), it is possible to detect that whether
> > the part has been altered.
>
> This is very unclear. I think what you are saying is that XML digital
> signatures are employed by some software, but other software doesn't
> necessary know how to compute such signatures so after some sorts of processing
> the signatures may be invalid.
>
> if that''s what you meant to say, then how about:
>
> OOXML media types can employ digital signatures (ISO/IEC 29500-2, Clause 13)
> to make it possible to detect tampering. However, since OOXML documents
> may be consructed or alternated through a variety of means, including
> generic XML editors or even text editors, it may not be possible to
> rely on such signatures.

In my understanding, an OOXML document will have an incorrect signature,
if a signed OPC part is changed later.  Application programs are able
to detect such (probably malicious) changes but they are not oblideged
to examine signatures.

The IANA reviwer also asked about macros and encryption.  AFAIK, neither
macros nor encryptions are specified by 29500.  Am I right?


Regards,

SC34/WG4 Convenor
MURATA Makoto (FAMILY Given)





More information about the sc34wg4 mailing list