On 2015-09-08 21:07, Rob Austein wrote:
> Hmm, I would have thought we'd want to keep the chaining, in the sense
> that non-originating would sign the previous signature. I've no real
> objection to signing everything else again, it's just removal of the
> previous signature that I find odd here.
>
> The benefit I see to keeping the signature chaining is that it adds an
> ordering constraint to the signatures (signature A must have been
> created after signature B), corresponding to the order in which we
> expect the update to travel between signers. This seems like a good
> thing, and I don't see why we'd want to remove it. As you've
> demonstrated, it doesn't remove all possible forms of mischief, but it
> raises the bar a bit, and it's cheap, so why not?

I agree that signature chaining provides the guarantee you stated, that
signatures were generated in order. But in the presence of
non-validating signers, I don't think it provides any other guarantee.
What does the guarantee about signature order provide? I don't see how
it's useful, but I could be missing something.

> Am I missing something? Where's the benefit in removing the chaining?

There's no benefit to removing it, except that I don't see any benefit
to keeping it (if we sign the full data, as I described).
--
David Eric Mandelberg / dseomn
http://david.mandelberg.org/