Douglas Otis wrote:
,---
|4. Semantics of Multiple Signatures
|...
| When evaluating a message with multiple signatures, a verifier should
| evaluate signatures independently and on their own merits. For
| example, a verifier that by policy chooses not to accept signatures
| with deprecated cryptographic algorithms should consider such
| signatures invalid.
'___
The terms "deprecated" and "obsolete" have been defined for HTTP that
are fairly typical of other computer related definitions.
http://www.w3.org/TR/REC-html40/conform.html
There's no need to appeal to HTTP; deprecated and obsolete's normal
definitions are consistent with what you state here:
An element has a status of "deprecated" when it will not be supported
some time in the future.
An element has a status of "obsolete" when support is currently being
withdrawn.
In this paragraph, the term "deprecated" should be changed to "obsolete"
to be consistent.
+1
Tony Hansen
tony(_at_)att(_dot_)com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html