Even stipulating for the moment that it's good to sign with multiple certificates, I do not believe that this is the correct approach to doing so.
If we're going to do something here, something more like https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/ seems like a better starting point.

-Ekr

On Wed, Apr 29, 2026 at 4:27 PM Stephen Farrell <[email protected]> wrote:

>
> Hiya,
>
> Given that it may be the case that getting certificates for
> composite signing keys could be impractical and also involve
> a combinatoric explosion in the number of credentials servers
> would need to have available, I wonder if anyone has explored
> whether it'd be useful to look at defining a way in which a
> server (or, I guess, a client) could authenticate using more
> than one CertificateVerify message?
>
> I guess that figuring that all out, and getting it implemented
> and deployed would involve a pile of work, but ISTM it might
> be useful, hence the question:-)
>
> Cheers,
> S.
>
> PS: If this isn't a bonkers idea, I'd be willing to do work on
> it, for whatever that'd be worth:-)
>
> _______________________________________________
> TLS mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
>
