{"draft":"draft-ietf-smime-multisig-05","doc_id":"RFC5752","title":"Multiple Signatures in Cryptographic Message Syntax (CMS)","authors":["S. Turner","J. Schaad"],"format":["ASCII","HTML"],"page_count":"17","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"S\/MIME Mail Security","abstract":"Cryptographic Message Syntax (CMS) SignedData includes the SignerInfo\r\nstructure to convey per-signer information.  SignedData supports\r\nmultiple signers and multiple signature algorithms per signer with\r\nmultiple SignerInfo structures.  If a signer attaches more than one\r\nSignerInfo, there are concerns that an attacker could perform a\r\ndowngrade attack by removing the SignerInfo(s) with the \\'strong'\r\nalgorithm(s).  This document defines the multiple-signatures\r\nattribute, its generation rules, and its processing rules to allow\r\nsigners to convey multiple SignerInfo objects while protecting against\r\ndowngrade attacks.  Additionally, this attribute may assist during\r\nperiods of algorithm migration.  [STANDARDS-TRACK]","pub_date":"January 2010","keywords":["[--------]","signeddata","signerinfo","downgrade attacks","algorithm migration"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5752","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5752"}