<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<div class="moz-cite-prefix">I'm one of the original specifiers of
DSIG and I can tell you with certainty that the "as-implemented"</div>
<div class="moz-cite-prefix">code is entirely worthless. Nobody
actually thoroughly checks all of the components of a digital
signature.</div>
<div class="moz-cite-prefix">Signature authorities are vulnerable to
compromise and an actual check is computationally</div>
<div class="moz-cite-prefix">significant. A thorough check requires
internet access (revocation lists etc.) and reading the whole font
file.</div>
<div class="moz-cite-prefix">Further, I know of no actual commercial
implementations that reject fonts because of malformed 'head'</div>
<div class="moz-cite-prefix">table entries. Further, many fonts were
built using the Apple sample code which has a number of</div>
<div class="moz-cite-prefix">substantive issues (processor endian
specific, integer word size specific, and field overun when</div>
<div class="moz-cite-prefix">tables are not multiples of 4 bytes in
length). At this point DSIG is irrevocably "security theater" and</div>
<div class="moz-cite-prefix">should be removed. An invalid illusion
of security is worse than no security.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Terence Dowling</div>
<div class="moz-cite-prefix">Adobe 1991-2010</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 8/25/2020 15:08, Peter Constable
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:MWHPR1301MB211200F9D049EB9BAE73FC3C86570@MWHPR1301MB2112.namprd13.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cordia New";
panose-1:2 11 3 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">There’s an issue that was opened against
the DSIG chapter of the OT spec regarding the spec for
calculating signature hashes.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a
href="https://github.com/MicrosoftDocs/typography-issues/issues/455"
moz-do-not-send="true">https://github.com/MicrosoftDocs/typography-issues/issues/455</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This is not a new issue, having been raised
at least as early as 2016, and I’m pretty sure earlier than
that. It was raised in this list (its earlier version) by
Hin-Tak Leung in November 2016.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a
href="https://lists.aau.at/pipermail/mpeg-otspec/2016-November/000835.html"
moz-do-not-send="true">https://lists.aau.at/pipermail/mpeg-otspec/2016-November/000835.html</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I want to let people here know that, in
triaging OT spec issues, I’ve marked this as P1 as it’s an
important issue with implementations being blocked. I’ve asked
relevant people at Microsoft for clarification, and suggested
one or other of the courses of action that Cosimo Lupo
proposed on this list (<a
href="https://lists.aau.at/pipermail/mpeg-otspec/2016-December/000837.html"
moz-do-not-send="true">https://lists.aau.at/pipermail/mpeg-otspec/2016-December/000837.html</a>):
either provide an interoperable spec, or else deprecate DSIG
once and for all.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Peter<o:p></o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
mpeg-otspec mailing list
<a class="moz-txt-link-abbreviated" href="mailto:mpeg-otspec@lists.aau.at">mpeg-otspec@lists.aau.at</a>
<a class="moz-txt-link-freetext" href="https://lists.aau.at/mailman/listinfo/mpeg-otspec">https://lists.aau.at/mailman/listinfo/mpeg-otspec</a>
</pre>
</blockquote>
<p><br>
</p>
</body>
</html>