Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add security considerations text. #106

Merged
merged 5 commits into from
Jun 7, 2023
Merged
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 22 additions & 24 deletions spec/index.html
Original file line number Diff line number Diff line change
Expand Up @@ -2787,31 +2787,29 @@ <h2>Security Considerations</h2>
<section>
<h3>Dataset Poisoning</h3>

<p class="issue" data-number="70" title="Attackers can construct poison datasets">
Add text that warns that attackers can construct datasets which are known to
take large amounts of compute time to canonize. The algorithm has a mechanism to detect
and prevent this sort of abuse, but implementers need to ensure that they
think holistically about their system such as what happens if they don't have
rate limiting on a service exposed to the Internet and they are the subject of
a DDoS. Default mechanisms that prevent excessive use of compute when an
attacker sends a poisoned dataset might be different from system to system.
<p>The canonicalization algorithm examines every difference in the
information connected to blank nodes in order to ensure that each will
properly receive its own canonical identifier. This process can be
exploited by attackers to construct datasets which are known to take
large amounts of computing time to canonize, but that do not express
dlongley marked this conversation as resolved.
Show resolved Hide resolved
useful information or express it using unnecessary complexity.
Implementers of the algorithm are expected to add mitigations that will,
by default, abort canonizing problematic inputs.
dlongley marked this conversation as resolved.
Show resolved Hide resolved
</p>
</section>

<section>
<h3>Formal Verification Incomplete</h3>

<p class="issue" data-number="70" title="Formal verification of algorithm is incomplete">
Add text that warns implementers that, while the algorithm has a mathematical
proof associated with it that has had peer review, and while a W3C WG
has reviewed the algorithms and that there are multiple interoperable
implementations, that a formal proof using a system such as Coq isn't available
at this time. We are highly confident of the correctness of the algorithm,
but we will not be able to say with 100% certainty that it is correct until
we have a formal, machine-based verification of the proof. Any system that
utilizes this canonicalization mechanism should have a backup canonicalization
mechanism, such as JCS, or other mitigations, such as schema-based
validation, ready in the event that an unrecoverable flaw is found in this algorithm.
<p>Suggested mitigations include, but are not limited to:
<ul>
<li>providing a configurable timeout with a default value applicable to
an implementation's common use, and / or</li>
<li>providing a configurable limit on the number of iterations of steps
performed in the algorithm, particularly recursive steps.</li>
dlongley marked this conversation as resolved.
Show resolved Hide resolved
</ul>
</p>
<p>Additionally, software that uses implementations of the algorithm can
employ best-practice schema validation to reject data that does not meet
application requirements, thereby preventing useless poison datasets from
being processed. However, such mitigations are application specific and
not directly applicable to implementers of the canonicalization algorithm
itself.
</p>
</section>

Expand Down