> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Stefan Kelm > Sent: Tuesday, December 23, 2003 1:44 AM > To: [EMAIL PROTECTED] > Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
> Ah. That's why they're trying to rename the corresponding keyUsage bit > to "contentCommitment" then: > > http://www.pki-page.info/download/N12599.doc > > :-) > > Cheers, > > Stefan. Maybe, but that page defines it as: -------------------------------------------------- contentCommitment: for verifying digital signatures which are intended to signal that the signer is committing to the content being signed. The precise level of commitment, e.g. "with the intent to be bound" may be signaled by additional methods, e.g. certificate policy. Since a content commitment signing is considered to be a digitally signed transaction, the digitalSignature bit need not be set in the certificate. If it is set, it does not affect the level of commitment the signer has endowed in the signed content. Note that it is not incorrect to refer to this keyUsage bit using the identifier nonRepudiation. However, the use this identifier has been deprecated. Regardless of the identifier used, the semantics of this bit are as specified in this standard. -------------------------------------------------- Which still refers to the "signer" having an "intent to be bound". One can not bind a key to anything, legally, so the signer here must be a human or organization rather than a key. It is that unjustifiable linkage from the actions of a key to the actions of one or more humans that needs to be eradicated from the literature. - Carl +------------------------------------------------------------------+ |Carl M. Ellison [EMAIL PROTECTED] http://theworld.com/~cme | | PGP: 75C5 1814 C3E3 AAA7 3F31 47B9 73F1 7E3C 96E7 2B71 | +---Officer, arrest that man. He's whistling a copyrighted song.---+ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]