More than one signer - again from Jesper Lillesø on 2001-06-01 (w3c-ietf-xmldsig@w3.org from April to June 2001)

From: Jesper Lillesø <frogskins@lycosmail.com>
Date: Fri, 1 Jun 2001 15:32:23 +0200
To: <w3c-ietf-xmldsig@w3.org>
Message-ID: <000701c0ea9f$4c275680$01000001@rgm.dk>

Hi again,

The theme came up again...

The scenario is:

Person A creates a "package" of one or more documents. The package could
constitue a contract where the documents are descriptions and
specifications. The person A wants person B and C to sign the contract
(package) together with him, so he signs it himself and sends it to person B
and C.

It is important that when all (A, B, and C) have signed, it should be
possible to have one package with all documents and signatures - just like
any other contract in real life.

I wonder how this should be done?

In a previous answer on this list (to a similar situation) "Donald E.
Eastlake 3rd" <dee3@torque.pothole.com> sugested that (quote):

"If these are separate signatures by separate signers over the document then
you need separate Signature elements. Under some circumstances you can
abbreviate a bit by moving a length Reference list to a Manifest or using
the RetrievalMethod feature of KeyInfo."

This means that I would construct a "package" like (abbreviated):

------------------------------------
<Package>
  <Signature>
    <SignedInfo>
      (references contained objects)
    </SignedInfo>
    <SignatureValue>
       (of person A)
    </SignatureValue>
    <Object Id="file1.doc">
       (Base64 encoded file)
    </Object>
    <Object Id="file2.doc">
       (Base64 encoded file)
    </Object>
  </Signature>
  <Signature>
    <SignedInfo>
      (references the object from the first)
    </SignedInfo>
    <SignatureValue>
       (of person B)
    </SignatureValue>
  </Signature>
  <Signature>
    <SignedInfo>
      (references the object from the first)
    </SignedInfo>
    <SignatureValue>
       (of person C)
    </SignatureValue>
  </Signature>
</Package>
------------------------------------

This creates asymmetry in the signatures as it somehow "says" that the first
Signature is special (and it is not). You could say that I could include all
the Objects in all of the Signatures, but this is not a nice solution with
large Objects.

Why not let there be more than one SignatureValue? This would reflect the
real world where documents seldom are signed by only one. Would it create
problems?

Regards,
/Jesper

Received on Friday, 1 June 2001 09:32:58 UTC