At 3:05 PM 12/01/94, Eric Hughes wrote:

WARNING: The following paragraph does not have direct relevance to the issue at hand. It discusses servers which might verify signatures, which my current proposal does not have in it.

What I have realized in the interim is, that if a server is to verify a signature, the server should sign not the message but rather the signature. After all, the signature is what was being verified, not any property of the message. The user can still detect message alteration, by first verifying the sig-on-sig, and then comparing the hash value in the original sig to a hash on the message.

I echo Eric's warning, that I also don't mean this to have anything to do with the current thread. The benefit of having the list sign the entire message, is that even if people _don't_ sign the message themselves (assuming they aren't being requried to ;) ), there's still something left to sign. The list would be signing to indicate that, yes, this message did pass through cypherpunks@toad.com. Regardless of whether the author signed the message himself or not, completely different issue.