Arvel Hathcock wrote:
? supporting multiple signatures on single messages
Humm... not sure about this one. If verifiers only supported a single
signature it would be wise for signers to strip out any existing
signatures before re-signing. That would cause the loss of
"potentially" useful data wouldn't it? But, come to think of it, old
signatures don't verify (otherwise, why resign the message at all) and
what is the practical use of a non-verifiable signature. You can't
make any definitive decisions based on broken signatures can you?
It's perfectly possible to have multiple unbroken signatures over a
given message. That's what we want to preserve.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org