7.1.1. Skipping Signature Verification

HTTP message signatures only provide security if the signature is verified by the verifier. Since the message to which the signature is attached remains a valid HTTP message without the Signature or Signature-Input fields, it is possible for a verifier to ignore the output of the verification function and still process the message. Common reasons for this could be relaxed requirements in a development environment or a temporary suspension of enforcing verification while debugging an overall system. Such temporary suspensions are difficult to detect under positive-example testing, since a good signature will always trigger a valid response whether or not it has been checked.

To detect this, verifiers should be tested using both valid and invalid signatures, ensuring that an invalid signature fails as expected.

7.1.1. Skipping Signature Verification​

7.1.1. Skipping Signature Verification