I'm sure there are more qualified people to answer this, but since I've been staring at pgp-mime for the last few months, I thought I would give a few thoughts.
I believe you are asking, "is it possible to concatenate signatures, to create a new signature block which is then used with pgp-mime." 1. I think this is possible. If the dean signs your content, and you receive his signature, I *believe* that once an implementation gets the signature packet from the signature, it could added to a signature block. Each signature packet contains the keyid of the signer (if put there), and its own signature type/algorithm/hash/etc. So, I *believe* each signature is independent of every other signature. In my process of checking a signature, I find the keyId and lookup the keyId for the publicKey. So it doesn't matter who the mail is actually from. 2. An alternative, which you spoke of, I believe, would also work. Where a pgp-mime signature pair, contains a pgp-mime signature pair. So your dean would send you the mail, and you could encapsulate it with your own signature. The tricky part, of course, would be if any implementation actually facilitates this. Cheers, -tim p.s. Thanks for your help with the pgp-mime previously, -- g...@pmx.mooo.com
signature.asc
Description: Message signed with OpenPGPJS
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
