Re: Multiple signatures in clearsigned messages (was Re: Cleartext Signatures)

[David Shaw <dshaw@xxxxxxxxxxxxxxx>]

On Wed, Oct 12, 2005 at 12:07:13AM -0700, "Hal Finney" wrote:

> I am a bit uncomfortable with the notarization signature in general.
> We have it in the draft but have no experience with it in reality,
> which is kind of the opposite of the usual IETF procedure.  I guess it
> was somebody's bright idea that got stuck in, in case people might want
> to use it someday.
> 
> The fact that we may have to add further rules clarifying how to use it
> just emphasizes our lack of experience with the construct.  Often with
> these things you don't find the problems until you actually try to use it
> for something and interoperate with others.  Given that notary signatures
> have been in the draft in some form or other for years without seeing
> any use that I know of, should we consider taking them out?

While I hate to say it, given the number of hours that went into it
thus far, I think I agree.  Last call is approaching, and we have no
implementations of it and no experience with it.

This isn't to say that I think we should scrap notary signatures -
just that it might be a good idea to bump them into their own RFC so
as not to delay 2440bis.  I don't believe that implementation and
experience can be achieved in time, and I'd rather see them done right
than done in 2440bis.

David