On Thu, 7 Jul 2016 16:45, derek(_at_)ihtfp(_dot_)com said:
I guess X.509v3 does, theoretically, allow multiple signatures on a
certificate, but I was under the impression that zero implementations
actually supported that?
I can't see how this is possible within an X.509 certificate:
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
There is only one signature for the to-be-signed-Certificate.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
/* Join us at OpenPGP.conf <https://openpgp-conf.org> */
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp