Hi COSE WG, Pardon my COSE illiteracy, but I could not find the answer.
COSE can carry multiple signatures of the content which are validated independently. But could I take COSE legitimate content signed with SigAlgo1 and SigAlgo2, and remove the Algo2 signature structure, so that the verifier will only validate with Algo1? CMS prevents this by a new MultipleSignatures signed attribute defined in https://www.rfc-editor.org/rfc/rfc5752 which signifies that there are more signatures for the content and thus the other signatures cannot be stripped. I could not find if such functionality is available in COSE. Thank you, Panos
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
