As an update... On 3/11/15 11:21 AM, Robert Kisteleki wrote: > On 2015-03-04 1:32, Andrei Robachevsky wrote: >> Stephen Kent wrote on 03/03/15 17:29: >>> I worry that accommodating multiple signatures will cause confusion for >>> RPs. One would need to specify what to do if one sig fails, but other >>> succeed, >>> for example. >> >> I think the draft is clear about that, requiring all signatures to be >> valid. And if we want to follow the RPSS/RFC2725 approach, then multiple >> signatures are needed. >> >> But, it is not entirely clear to me why we need an "o" field and not >> just multiple "signature:" attributes in cases when signing by several >> parties is required. > > Indeed, that is why we're dropping it. The o= field was suggested a long > time ago to make interdependent signatures. When thinking about the > implementability of it, it became clear that it has a *lot* of added > complexity, with not much benefit, if you compare to multiple, independent > signatures (which only make real sense for route objects, I think). > > The draft already allows multiple signatures, therefore dropping the o= > field is the simplest and most forward looking step.
The above and a few other editorial changes will be made in an upcoming revision... Hopefully published when the draft submission blackout lifts. Regards, Brian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr