Wikpedia says (http://en.wikipedia.org/wiki/Server_Name_Indication):
Since 2005, CAcert has run experiments on different methods of using TLS on virtual servers.[4] Most of the experiments are unsatisfactory and impractical. For example, it is possible to use subjectAltName to contain multiple domains in a single certificate, but as this is one certificate, this means all the domains must be owned and controlled by one person, and the certificate has to be re-issued every time the list of domains changes.
While I understand the motivations for SNI, I think the above statement is an indication of bogosity - if not in the statement, then in the structure of a certificate and signatures.
What I want is
...
I.e. I want to be able to have multiple certifiers attached, post facto, to a certificate.
(as well as I want to be able to have the certifier statements and signatures stored separately)
Certifier statements and signatures are metadata. Metadata can be both adjacent, as above, or non-adjacent.
There can be an integrity code on the certificate_carrier, signed by the certifiee. since the certifiers have themselves signed, protecting the integrity, of the enclosed certifiee statement, this enables the certifiee to add more certifier statements over time.
I.e. the certifier certifies the certifiee statemnt, not the entire certificate carroer. Although we could have tghat, too: the certifier could say "I certify this only if Verisign has also certified it", etc.