This idea was discussed with a few people, but it didn't seem very necessary, so it was dropped. I'm writing it down here because I would like to re-open it as an idea, and hopefully get some discussion on it prior to the eventual 0.12 release.
In previous iterations, multiple nodes could sign the same resource. For example:
the user publishes a resource from their work computer
their home computer synchronizes that resource
from their home computer, they can see that they published a resource from their work computer
if the user confirms that resource is correctly published, they could publish an additional signature for it
In the previous SDMP versions, if a user signs the same resource with multiple keys, this was supposed to lend it more credence. E.g. another user verifying some resource could see that it was signed by multiple identities.
Another idea would be: if a user revokes a node trust, all resources published and signed only by that node would be considered insecure, so a user would want to sign resources with multiple identities to make them more authoritative.
This idea was discussed with a few people, but it didn't seem very necessary, so it was dropped. I'm writing it down here because I would like to re-open it as an idea, and hopefully get some discussion on it prior to the eventual 0.12 release.
In previous iterations, multiple nodes could sign the same resource. For example:
In the previous SDMP versions, if a user signs the same resource with multiple keys, this was supposed to lend it more credence. E.g. another user verifying some resource could see that it was signed by multiple identities.
Another idea would be: if a user revokes a node trust, all resources published and signed only by that node would be considered insecure, so a user would want to sign resources with multiple identities to make them more authoritative.