What prevents their order from being swapped? There could be valid
reasons for someone wanting to modify the apparent order when blame
for abuse is being established. This is beginning to feel like three-
card monte.
If I were doing this, which I am not at all sure I want to do, when I
was signing a message, I would look at all of the existing signature
lines, pick a sequence number that is one more than the maximum
sequence number I found, and include all of the existing sigs in my
new sig computation. Then a recipient could verify all the signatures
and their order by peeling them off one at a time in reverse order and
checking them.
What I am mostly seeing here is that we don't have a clear model of
the ways that people will use multiple signatures. Let's say your
message has three sigs from Able, Baker, and Charlie (in that order if
you care about order.) Able and Charlie verify, Baker doesn't. Now
what do you do?
R's,
John
_______________________________________________
ietf-dkim mailing list
http://dkim.org