lgl island-resort.com <[email protected]> wrote: > There is RFC 9338 for counter signatures. Your use case is not listed > as one that RFC 9338 addresses. Maybe RFC 9338 can be used if you sign > with the strongest signature first, then counter sign with the next > weakest and so on.
So the attacker can remove the weaker ones, unwrapping things essentially. It implies a partial ordering on algorithm strength, and the assumption that the "stronger" (assumed by me quantum-safe) ones are not defeated by something else. It seems to me that an inner attribute is needed to signal what algorithms the signer expects to be used. -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
