Tim Dean <t(_dot_)dean(_at_)eris(_dot_)dera(_dot_)gov(_dot_)uk> writes:
CMS allow multiple entities to sign content 'in parallel' (sect 5.1).
However, I have come across an implementation which only expects to find
one signature in the SET OF SignerInfos, and will reject the message if
more than one is found. The rationale was that if there are multiple
signers, it causes confusion as to who originated the message. I have
several questions about this:
1) Is this behaviour regarded as conformant with the standard (since there
is no explicit size limit on the set)?
I believe so.
2) Are there other implementations which insist on this limitation?
My implementation will verify multiple signatures, provided they
use the same digest algorithm. (This wasn't really a conscious
choice, it's just a restriction that made implementation easier.)
3) Are there any implementations that have the capability to generate
multiple (parallel) signatures?
Not mine.
4) For implementations which accept multiple signatures, how do they detect
which one originated the message?
I don't have any UI, so I don't make any attempt. I just report back
a structure listing the signatures.
-Ekr
--
[Eric Rescorla Terisa Systems, Inc.]
"Put it in the top slot."