Composite-OR: omitted signatures should be reflected in the SignatureAlgorithm Parameters

EntrustCorporation / draft-ounsworth-composite-sigs

IETF Internet-Draft about X.509 certificates with composite keys and signatures

Other

5 stars 4 forks source link

Closed ounsworth closed 1 year ago

ounsworth commented 2 years ago

This is to make Composite-OR slightly more resistant to stripping attacks; assuming the attacker can't also tamper with the remaining signatures.

(idea came from a comment from Russ on list)