Re: rfc2534 and multiple signing certificate attributes

["Housley, Russ" <rhousley@xxxxxxxxxxxxxxx>]

Peter:

You are referring to ESS, RFC 2634, right?

In some cases, signatures are serial.  In this case, a countersignature 
that contains the current Signing Certificate Attribute is sufficient.

In other cases, signatures are parallel.  I think that your comments apply 
to this situation.  Here, multiple signer info structures are present, each 
with it's own Signing Certificate Attribute.  You are looking for a way to 
bind two or more signer info structures together.  Am I understanding your 
concern correctly?

Russ

At 05:49 PM 8/10/2001 +0200, Peter Sylvester wrote:


> rfc2534 defines the usage of a Signing Certificate Attribut where
> actually only exactly one public key certificate + a list
> of attribute certs can be indicated.
>
> It happens sometimes that some signature policies require that
> several signatures MUST be present before a document becomes
> valid. Contrary to the real world it is rather simple to remove
> one of multiple signatures on a CMS document, and this may
> put the remaining signers into an undesirable situation.
>
> It seems useful to extend have a mecanism for the signer indicating
> that his signature is only valid if it is also signed by one
> or more other signers.
>
> Would it be useful to allow for multiple occurences of the attribute
> to indicate that the overall signature is valid if there are multiple
> signatures for all of the indicated attributes.
> In addition, multiple attribute values could be used to indicate that
> at least one of the indicated certs should match.
>
> Unfortunately there is no "global" attribute set. Thus, the attributes will
> occur in all signerinfos.
>
> I would like to propose this as a modification to whatever will be
> son of rfc2524.
>
> Any comments are welcome.
>
> Peter Sylvester