Russ Housley <housley(_at_)spyrus(_dot_)com> writes:

A countersignature attribute can have multiple attribute values. The syntax
is defined as a SET OF AttributeValue, and there must be one or more
instances of AttributeValue present.

The UnsignedAttributes syntax is defined as a SET OF Attributes. The
UnsignedAttributes in a signerInfo may include multiple instances of the
countersignature attribute.

The problem with this is that it leads to ambiguous interpretations of how to
encode the countersignature (one attribute, one or more values; multiple
attributes, single value; multiple attributes, multiple values). The nice
thing about John's proposal (one attribute, one or more values) is that it's a
canonical encoding - there's no way individual implementors can misinterpret
it to produce something different from what everyone else is doing. Given
that countersignatures seem to be unused by anyone (or at least anyone who's
replied so far), using John's more rigorous definition wouldn't seem to cause
any problems.
Peter.
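
The encoding ambiguity discussed in this message, as an added example that is not part of the original post: the same three countersignatures laid out in the three ways listed above give three different DER encodings of unsignedAttrs, and folding them into one attribute with one or more values gives a single encoding. The helper names, the merge-and-deduplicate behaviour and the stand-in countersignature values are assumptions made for illustration.

```python
# Added illustration: the countersignature values below are constructed stand-ins.
ID_COUNTERSIGNATURE = "1.2.840.113549.1.9.6"  # PKCS #9 countersignature OID

def tlv(tag, body):
    """DER tag-length-value with a definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def oid(dotted):
    """DER OBJECT IDENTIFIER from dotted-decimal text."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))
        body += bytes(reversed(chunk))
    return tlv(0x06, bytes(body))

def encode_unsigned_attrs(attrs):
    """attrs: [(oid, [DER value, ...]), ...] -> DER unsignedAttrs ([1] IMPLICIT SET OF)."""
    encoded = [tlv(0x30, oid(t) + tlv(0x31, b"".join(sorted(vals))))
               for t, vals in attrs]
    return tlv(0xA1, b"".join(sorted(encoded)))  # DER orders SET OF by encoding

def canonicalize(attrs):
    """Fold all countersignature attributes into one attribute, one or more values."""
    merged, others = set(), []
    for t, vals in attrs:
        if not vals:
            raise ValueError("SET OF AttributeValue needs at least one value")
        if t == ID_COUNTERSIGNATURE:
            merged.update(vals)
        else:
            others.append((t, list(vals)))
    if merged:
        others.append((ID_COUNTERSIGNATURE, sorted(merged)))
    return others

def stand_in(label):
    """Constructed placeholder for a DER-encoded countersignature SignerInfo."""
    return tlv(0x30, b"\x02\x01\x01" + tlv(0x04, label))

CS_A, CS_B, CS_C = stand_in(b"A"), stand_in(b"B"), stand_in(b"C")
FORMS = {
    "one attribute, many values": [(ID_COUNTERSIGNATURE, [CS_A, CS_B, CS_C])],
    "many attributes, single value": [(ID_COUNTERSIGNATURE, [v]) for v in (CS_A, CS_B, CS_C)],
    "many attributes, many values": [(ID_COUNTERSIGNATURE, [CS_A, CS_B]), (ID_COUNTERSIGNATURE, [CS_C])],
}

def distinct_encodings(forms, normalise=False):
    """Count the different byte strings the given attribute layouts produce."""
    return len({encode_unsigned_attrs(canonicalize(a) if normalise else a)
                for a in forms.values()})
```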