Even if there is, a different piece of data is being signed for each input/key. i.e. "Data to be signed, d" in your question above is not consistent. Look up OP_CHECKSIG for details.
This would be an incompatible break, and I harbor no illusions it would ever be used for Bitcoin. Lets consider this mostly theoretical possibly for some future altcoin. The transaction structure would not necessarily need or be the same. You can assume the d is the same for all inputs. One method would be that the entire tx is signed (all inputs, all outputs) but the exact structure is not that important.
Doing a little more research I believe it is possible to use elliptic-curve arithmetic to add the private keys together to create a "master" private key for signing and this master private key can be verified by adding the public keys together to form a master public key.
I was going to do some testing with OpenSSL but I need some sleep.