From: "William H. Geiger III" <whgiii(_at_)openpgp(_dot_)net>
Subject: Re: OpenPGP agenda for Dec 7
Date: Wed, 02 Dec 1998 12:29:45 -0500
As you can see we no longer have the black and white scenario of
pass/fail on signature verification. I am not sure if we can really
codify how to handle partial failure of parallel signatures in the
ID and it may be best to leave this up to the application.
Please don't jump to a conclusion. :-)
Many people discussed in many places many times. Some thought the same
as you. Some enumerated and categorized semantics. If time allows, I'd
suggest read the archives of pem-dev ml and ietf-pgp-mime ml.
As you said, there is no spec to define the syntax of multiple
signature. One spec (without semantics definition) is better than
nothing.
It is fine to me that you will define syntax only, and leave semantics
to applications. I like such slow start since we should not repeat the
same history.
I'd suggest that your ID should keep the door open for future
definitions of semantics.
--Kazu