On Wed, 14 Dec 1994 10:22:22 EST, Steve Crocker said:
2a. Two people both approved and vouch for the document.
2b. One person signed with two forms of signature, e.g. a DSS and a RSA
signature, to facilitate acceptance by a wide range of recipients.
...
However, I think it is perfectly acceptable to leave the meaning of
multiple signatures up to the recipient.
Steve:
I see a problem here - given that PEM is at least trying to be a scheme
where the signatures will be (at least close to) legally binding, allowing the
recipient to decide could be a problem. Do you really want somebody being
allowed to change his mind about what you intended after the fact, especially
if a deal has gone sour and you're at each other's throats? ;)
Imagine if a bank decided that since you showed 2 forms of ID
when caching a check (say a driver's license and a passport (similar to 2b)),
that 2 people had endorsed the check (see 2a), and sent it back because
they weren't endorsed in the right order? It was bad enough the time I bounced
a check because the bank didn't deposit a check because it was written out to
me, but my wife endorsed the back, and then I signed under her name....
I think that if there are multiple signatures, the signator(ies) should be
required to state what the intent is...
Valdis Kletnieks
Computer Systems Engineer
Virginia Tech