Please see the text in the updated document. This was changed in the
most recent version:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt
Russ
At 09:50 AM 2/15/2007, Peter Sylvester wrote:
1 - The document goes beyond specifying how to determine if a message
is validly signed by a given signer. The core of the dispute
is the following proposed sentence:
| When the collection represents more than one signature, the successful
| validation of one of signature from each signer ought to be
| treated as a successful validation of the signed-data content type.
This sentence implicitly states that the document as a whole is
well signed when all the signers have signed it !!! It cannot stay like that.
The text may be misleading. but there is 'a successful', not just
'successful'. Maybe
one should clarify 'one of the successful' for that signer or so.
It should say: Whenever you detect several signatures from the same
signer, then
it usually sufficient that only one being valid.
The intent was to say the message was validly signed by a given
signer, if any of the digital signatures from that signer is valid.
I think there is consensus.
The key question is first : How can the CMS engine (*not* the
application) determine which digital signatures are from the same signer.
I understand that this is out of scope of the document. I don't says
that I agree.
The second point (and I have not mentionned this argument before)
is that saying that "the message was validly signed by a given
signer, if any of the digital signatures from that signer is valid"
only works if the algorithms used are *all* considered as secure. A
few words in the security considerations section (only 3 lines
today) would certainly help to take care of that point.
Since a non secure algorithm would be rejected, the signature would
not be validated. But
adding a comment in the security section can help.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf