Nicolas Williams writes: > > I don't understand the usage case for nested signatures (don't I just > > care about the bits delivered?), but at least parallel signatures > > ought to be offered. > > As I imagine it the publication service would sign the manifest and the > signature of the manifest by the submitter. That would make it a nested > signature.
My question was "why." What does it gain the publication service to sign someone else's signature? It means only that some third party can't remove or alter that other (upstream) signature, but if someone were to do that, how is that alteration the publication service's problem? Why should he care? (It almost sounds to me like you might be trying to build in the option for some kind of licensing system, but I'm not quite seeing how it would work.) -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
