7.3.4. Key Specification Mixup

7.3.4. Key Specification Mixup

The existence of a valid signature on an HTTP message is not sufficient to prove that the message has been signed by the appropriate party. It is up to the verifier to ensure that a given key and algorithm are appropriate for the message in question. If the verifier does not perform such a step, an attacker could substitute their own signature using their own key on a message and force a verifier to accept and process it. To combat this, the verifier needs to ensure not only that the signature can be validated for a message but that the key and algorithm used are appropriate.