[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenPGP agenda for Dec 7

To: Kazu.Yamamoto (山本和彦) <kazu@xxxxxxxxxx>)
Subject: Re: OpenPGP agenda for Dec 7
From: "William H. Geiger III" <whgiii@xxxxxxxxxxx>
Date: Wed, 02 Dec 1998 12:29:45 -0500
Cc: ietf-open-pgp@xxxxxxx
In-reply-to: <>
Sender: owner-ietf-open-pgp@xxxxxxx

In <19981202220752F.kazu@xxxxxxxxxx>, on 12/02/98 
   at 10:07 PM, Kazu Yamamoto (山本和彦) <kazu@xxxxxxxxxx> said:

>My experience says that the most difficult point is how to define
>semantics of multiple signatures. (e.g. if verification of the first
>signature succeeds and that of the second fails, how can we treat
>this?)

Well this is going to depend on how the signatures are being used.

Example #1

We have a contract that 3 people need to sign off on. For the contract to be valid all three signatures must be valid.

Example #2 **

We have a memo that is being circulated through the office. After each person reads it they must sign off on it verifying that the memo has been read. In this case a failure of one signature is a minor issue and can be resolved by generating a new signature.

Example #3

A message posted to a public forum is signed with both the authors RSA key and his DSA key to resolve compatibility issues between the various versions. The validity of the message will depend on the capabilities of the verifiers software (if one of the 2 signatures fail).

As you can see we no longer have the black and white scenario of pass/fail on signature verification. I am not sure if we can really codify how to handle partial failure of parallel signatures in the ID and it may be best to leave this up to the application.


It should be noted that when I am discussing multiple signatures I am talking about parallel signatures where all signatures are for the same block of data (as opposed to encapsulated signatures where a signed document is then signed a second time with the hash calculated over the data and first signature).

I will look over the 2 documents mentioned and get back to you on this.


** The inter-office memo becomes real interesting when you have the readers who want to sign off on the memo but also add comments but still be left with a single document in the end.

-- 
---------------------------------------------------------------
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
---------------------------------------------------------------

Follow-Ups:
- Re: OpenPGP agenda for Dec 7
  - From: 山本和彦
- Re: OpenPGP agenda for Dec 7
  - From: Thomas Roessler

References:
- Re: OpenPGP agenda for Dec 7
  - From: 山本和彦

Prev by Date: Re: OpenPGP agenda for Dec 7
Next by Date: Re: OpenPGP agenda for Dec 7
Previous by thread: Re: OpenPGP agenda for Dec 7
Next by thread: Re: OpenPGP agenda for Dec 7
Index(es):
- Date
- Thread