Ah, ha.
Steve Kent says:
The argument, from my
perspective, was over whether PEM provided a general facility for
multiple signatures, specifically applied by different
originators. The answer to that question is no.
The argument, from my perspective, was something different. I had
seen the position taken that MIME-PEM was bad because it allowed (or
could be used in such a manner so as to create) multiple signatures,
and multiple signatures were bad because of the ambiguous ways of
interpreting them, particularly when one signature verifies and
another does not. My contention was that RFC 1421 also provided
multiple signatures (no specification that they be applied by
different originators), that those multiple signatures had possible
ambiguous interpretations and that MIME-PEM copied RFC 1421 in that
feature. Something like "The possibility for ambiguity has always
existed, why bring it up with respect to MIME-PEM?". Maybe this is
not a good argument, my mother always told me "If Johnny jumped off a
bridge, would you jump, also?", but we wanted to be as compatible with
old RFC 1421 header formats as possible.
Maybe Steve Kent and I are arguing different questions.
Maybe each message should start off with a "Be it here resolved that..."
so people know what we're discussing/arguing about.
--Sandy