Interesting problem. I agree with everything Ned said, but let me
offer another perspective.
As Ned said, the original text of the contract can be put into one body
part and the commentary, etc. can be put into one or more separate
body parts. In addition, each body part and each aggregate (multipart
or message) body part can be signed if desired. This provides a lot
of options and it should be easy to impose some conventions to
accomplish the intended purpose. However, there's a connection with a
different problem that has recently come up.
The commentary is of the form: If you make <these changes> to <that
document>, I will sign <my signature>. "<these changes>" is in
whatever form you want, e.g. free text, a diff file, or whatever.
"<that document>" is either a full copy of the original text, or it's
a pointer to the text. In either case, how do the various readers
know whether it's the same text as what the original writer wrote?
It's not quite sufficient to have the text protected by a checksum and
signature; it's also necessary to know that it's really the same text
as the one the original writer wrote.
I think what's required here is the checksum. The signature is
probably secondary. This corresponds fairly closely with the newly
added MD5 checksum that's been proposed for external files.
I see a couple of ways to put all this together, but I'll let the
thought just hang there and see what you all think.
Steve
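
Added example, not part of the original message: a Python sketch of the check discussed above, in which a commentary message carries the MD5 digest of the text it refers to, so a reader can tell whether an embedded copy, or their own copy, is the same text. The header name `X-Refers-To-MD5`, the function names and the sample contract text are assumptions made for illustration; MD5 is used because it is the checksum the message names, and since it does not resist deliberate collisions a current implementation would substitute SHA-256.

```python
import base64
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage
from typing import Optional

REF_HEADER = "X-Refers-To-MD5"  # hypothetical header name, not a standard

def md5_b64(data: bytes) -> str:
    """Base64 MD5 digest, the encoding used by the Content-MD5 header."""
    return base64.b64encode(hashlib.md5(data).digest()).decode("ascii")

def build_commentary(referenced: bytes, changes: str,
                     embedded: Optional[bytes]) -> bytes:
    """Commentary on `referenced`; optionally embeds a copy of the text."""
    msg = EmailMessage()
    msg["Subject"] = "Proposed changes"
    msg[REF_HEADER] = md5_b64(referenced)   # digest of <that document>
    msg.set_content(changes)                # <these changes>
    if embedded is not None:
        # Sent as bytes (base64) so transport does not alter line endings.
        msg.add_attachment(embedded, maintype="application",
                           subtype="octet-stream", filename="contract.txt")
        part = list(msg.iter_attachments())[0]
        part["Content-MD5"] = md5_b64(embedded)
    return msg.as_bytes()

def verify(raw: bytes, my_copy: bytes) -> str:
    """Compare the referenced digest with any embedded copy and our copy."""
    msg = message_from_bytes(raw, policy=policy.default)
    claimed = msg[REF_HEADER]
    if claimed is None:
        return "no-reference"
    claimed = str(claimed).strip()
    for part in msg.iter_attachments():
        if md5_b64(part.get_payload(decode=True)) != claimed:
            return "embedded-copy-differs"
    if md5_b64(my_copy) != claimed:
        return "my-copy-differs"
    return "same-text"

# Constructed sample texts (not from any real contract).
ORIGINAL = b"1. Party A pays Party B 100 units.\r\n"
TAMPERED = b"1. Party A pays Party B 900 units.\r\n"

if __name__ == "__main__":
    print(verify(build_commentary(ORIGINAL, "Strike clause 2.", ORIGINAL), ORIGINAL))
    print(verify(build_commentary(ORIGINAL, "Strike clause 2.", TAMPERED), ORIGINAL))
```

The digest only ties the commentary to a specific text; binding that digest to the original writer still needs the writer's own signature over it.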