ietf-openpgp

Re: to be done

1999-02-18 14:20:02
On 1999-02-18 12:25:34 -0800, John W. Noerenberg wrote:

> Write up the motivation for multiple signatures, and publish it to
> the list.

Generally, it may be practical to have the possibility to have
multiple entities sign one and the same document.  Possible
applications include:

- Transit periods in which one person is using multiple signature
  keys and wants to make sure that every recipient can verify a
  signature.

- Four-eye-principle: Messages may have to be revised and signed by
  two or more persons to be considered valid.  Multiple signatures
  give a simple implementation of this.

- Multi-protocol signatures: A message may be signed with different
  algorithms or protocols, e.g., MOSS, S/MIME, and PGP/MIME.

There seem to be essentially three different solutions from a PGP
point of view:

- Put multiple signature packets into the application/pgp-signature
  part of a multipart/signed; protocol=pgp-signature body.  I have
  not tested this.  It may or may not work, and it doesn't satisfy
  application 3, as it's PGP specific.

- Permit multiple application/pgp-signature parts in a mult/sign;
  prot=pgp-sig body.  This would be an extension of RFC 1847, it
  would be simple, but it would be PGP-specific once again.

- Define a multipart/mixed protocol in the spirit of RFC 1847.  This
  would not require any changes to RFC 1847, and it would be usable
  for all applications I listed above.

  I prefer this solution for the reason that it is not specific to
  any of the underlying signature protocols.  Modifications to MUAs
  to support this on the receiving side are minimal if these MUAs
  are able to handle multi-level MIME structures.  I've done a
  testbed implementation in the unstable tree of the Mutt MUA.

For the details of this protocol, see Michael Elkins' message from
Tue, 1 Dec 1998 17:15:18 -0800 to this list.  

tlr
-- 
http://home.pages.de/~roessler/
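
Added example, not part of the original message: a receiving-side check that tells a plain RFC 1847 multipart/signed body (exactly two parts, the second of the type named by the protocol parameter) from the second option above, which carries several application/pgp-signature parts. The function names, the boundary and the placeholder signature bodies are constructed for illustration.

```python
from email import message_from_string

PROTOCOL = "application/pgp-signature"


def build_sample(n_sigs):
    """Constructed multipart/signed message with n placeholder signature parts."""
    lines = [
        "MIME-Version: 1.0",
        f'Content-Type: multipart/signed; protocol="{PROTOCOL}"; '
        'micalg=pgp-md5; boundary="b1"',
        "",
        "--b1",
        "Content-Type: text/plain",
        "",
        "Signed text.",
    ]
    for i in range(n_sigs):
        lines += [
            "--b1",
            f"Content-Type: {PROTOCOL}",
            "",
            f"(placeholder signature {i + 1}, not real OpenPGP data)",
        ]
    lines += ["--b1--", ""]
    return "\n".join(lines)


def inspect_signed(raw):
    """Return (rfc1847_conformant, signature_part_count) for a raw message."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/signed" or not msg.is_multipart():
        raise ValueError("not a multipart/signed message")
    protocol = (msg.get_param("protocol") or "").lower()
    parts = msg.get_payload()
    # Everything after the first (signed) part that matches the declared
    # protocol type is treated as a signature part.
    sig_parts = [p for p in parts[1:] if p.get_content_type() == protocol]
    # RFC 1847: exactly two body parts, the second being the signature.
    conformant = len(parts) == 2 and len(sig_parts) == 1
    return conformant, len(sig_parts)


if __name__ == "__main__":
    for n in (1, 2):
        print(n, "signature part(s):", inspect_signed(build_sample(n)))
```

A verifier that accepts the non-conformant form still has to decide whether one valid signature suffices (the transition-period case) or all must verify (the four-eye case).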
