W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

Multiple signatures in same sig element

From: John Boyer <jboyer@uwi.com>
Date: Wed, 28 Jul 1999 09:49:04 -0700
To: "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
I should start by backtracking on one piece of requirements feedback.
Regarding Section 2, para 2.3A, I wrote that it seemed vacuously true.
That's a terrible term to use, and the more I think about it, the more I'm
probably wrong about it anyway (sorry Joseph).

This part of the req. doc. states that "Only enough information necessary to
check the validity of the cryptographic signature need be provided".

This is precisely the type of statement that can keep us focused on not
doing extra things like putting multiple signatures in the same signature

If we want to associate multiple signatures together, then we can use signed
RDF to describe both the association and the reason for the association
between multiple signatures.  Trying to jam many of them into one block is
implicitly adding information that is not necessary to check the validity of
the cryptographic signature...

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company
Received on Wednesday, 28 July 1999 12:48:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:09:55 UTC