Search RFCs
RFC 5752
Multiple Signatures in Cryptographic Message Syntax (CMS),January 2010
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC5752
Discuss this RFC: Send questions or comments to the mailing listsmime@ietf.org
Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 5752
Abstract
Cryptographic Message Syntax (CMS) SignedData includes the SignerInfostructure to convey per-signer information. SignedData supportsmultiple signers and multiple signature algorithms per signer withmultiple SignerInfo structures. If a signer attaches more than oneSignerInfo, there are concerns that an attacker could perform adowngrade attack by removing the SignerInfo(s) with the \'strong'algorithm(s). This document defines the multiple-signaturesattribute, its generation rules, and its processing rules to allowsigners to convey multiple SignerInfo objects while protecting againstdowngrade attacks. Additionally, this attribute may assist duringperiods of algorithm migration. [STANDARDS-TRACK]
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.