Peter Gutmann wrote:
nisse%lysator.liu.se@localhost (=?iso-8859-1?q?Niels_M=F6ller?=) writes:Then I think the first thing you have to do is to write up the requirements. "Non-repudiation" is a very fuzzy concept to me, and I'll have a hard time participating in discussion of details in a non-repudiation mechanism.It's a fuzzy concept to everyone, so much so that after 20-odd years of trying the X.509 guys gave up and renamed the nonRepudiation flag in certs to something that actually had a meaning. Calling it a "delivery receipt" would be better, that's what S/MIME (which is the only major standard to specifically address this) calls it. In fact you could probably lift a lot of the S/MIME stuff, since they've looked at it in some detail.
Its actually a concept with a perfectly well-defined meaning in law - which is, it is something that is _defined by law_ to be non-repudiable (i.e. you can deny it, but it doesn't get you anywhere). An example is the UK Customs and Excise electronic VAT returns - they are non-repudiable by statute.
If anyone cares, this whole debate caused me to write a paper about this (and other things) with a lawyer: http://www.apache-ssl.org/tech-legal.pdf
Section 2.7 deals with non-repudiation. Cheers, Ben. -- ApacheCon! 13-17 November! http://www.apachecon.com/ http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff