have recently received a clearsigned PGP message that was signed
simultaneously with two different PGP keys,
but it caused 6.5.8ckt (build 8) to crash
the double signed messages can easily be generated from gnupg (command
line only),
but (afaik) not from pgp, even from the command line (2.x or 6.x)
have put up examples here:
http://www.angelfire.com/pr/pgpf/dspm.html
have found that the double signed messages were not a problem in pgp
8
under any circumstances,
and were not a problem for 6.5.8 as long as they weren't clearsigned
would like to request confirmation of this from anyone who uses 6.5.8
or 7.x
the double signed message can be very useful in the following specific
situation:
if someone wants to sign and encrypt to two different people, but, for
whatever reason,
exchanged one key with one recipient and another key with another, and
doesn't want to have the keys uploaded to a server,
then, by double signing, the sender can have the message verified
independently with different keys for different receivers
{sort of cool, actually, i wish it could be done from pgp ;-) }
are multiple simultaneous signatures acceptable Open PGP behavior ?
tia,
vedaal
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427