`cosign` is my new program for cooperatively signing documents with RSA (PKCS#1 v1.5 + SHA256) in a way that requires all the parties to produce partial signatures on the document without any of them having access to the private key. https://github.com/osresearch/cosign
@th looks interesting! Maybe add to readme a brief note on what parameters are used (key size) and (though it doesn't matter in this setting) performance?
