Hello,
a question about the "Impact" section of this advisory.
The section states:
"SimpleSAMLphp supports only RSA signatures and keys."
I am using SSP 1.15 just fine with ECDSA keys (on the IdP, to sign
assertions, and on SPs, to validate the assertions). So, I wonder if
that is really true.
Did you maybe mean to write "SimpleSAMLphp does not support DSA
signatures and keys."
If that's the case, the enumeration of cases for exploitability of the
issue might need a re-think? I can imagine the cases:
Using a ECDSA public key to validate an XML signature made with an
RSA-related algorithm.
Using an RSA public key to validate an XML signature made with a
ECDSA-related algorithm.
Considering that my ECDSA key is now in production use (eduGAIN), many
SPs have this type of key in their saml20-idp-remote metadata now.
Does this mean an attacker can craft assertions seeming to come from my
IdP, sign them with an RSA key, and will pass validation at SPs which
only have the ECDSA key configured - or vice versa?
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel:
+352 424409 1
Fax:
+352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66