Re: Multiple signatures in clearsigned messages (was Re: Cleartext Signatures)

["Brian G. Peterson" <brian@xxxxxxxxxxxxx>]

On Wed, Oct 12, 2005 at 12:07:13AM -0700, "Hal Finney" wrote:
> > The fact that we may have to add further rules clarifying how to use it
> > just emphasizes our lack of experience with the construct.  Often with
> > these things you don't find the problems until you actually try to use it
> > for something and interoperate with others.  Given that notary signatures
> > have been in the draft in some form or other for years without seeing
> > any use that I know of, should we consider taking them out?

On Wednesday 12 October 2005 08:06 am, Daniel A. Nagy wrote:
> Please don't. I do have a very good use for them and I'm going to go ahead
> with an implementation. As soon as it's working reliably and securely, I
> will write up the specifications for inclusion in the standard.

I second this.  A workable notary signature method for both clear-signed and 
pgp/mime is badly needed for evidentiary reasons.  

The hypothetical human rights example discussed a few weeks ago applies 
clearly here, where a file/message may pass through multiple hands before 
arriving at it's final destination, and the original signer may be dead by 
the time it gets to the final destination.  Having a notary chain of 
signatures over the same original can provide valuable chain of evidence 
information.

Regards,

  - Brian Peterson