Ian proposes below two draft-definitions for non-repudiation - legal and technical. Lynn also sent us a bunch of definitions. Let's focus on the technical/crypto one for now - after all this is a crypto forum (I agree the legal one is also somewhat relevant to this forum).
In my work on secure e-commerce, I use (technical, crypto) definitions of non-repudiation, and consider these as critical to many secure e-commerce problems/scenarios/requirements/protocols. Having spent considerable time and effort on appropriate definitions and analysis (proofs), I was/am a bit puzzled and alarmed to find that others in our community seem so vehemently against non-repudiation.
Of course, like other technical terms, there can be many variant definitions; that is not really a problem (the community will gradually focus on few important and distinct variants). Also it's an unavoidable fact of life (imho) that other communities (e.g. legal) use the same term in somewhat different meaning.
So my question is only to people like Ben and Carl who have expressed, if I understood correctly, objection to any form of technical, crypto definition of non-repudiation. I repeat: do you really object and if so why?
I object because its not a technical, crypto concept. It doesn't matter what you do to try to achieve non-repudiation technically, I can always repudiate it - all I have to do is say "I didn't sign that" or "it wasn't me that initiated that transaction".
What of applications/scenarios that seem to require non-repudiation, e.g. certified mail, payments, contract signing,...?
These do not require non-repudiation in the existing world, why do they suddenly need it when they become electronic?
What I presume you are trying to get at is to distinguish the use of a key with an intent to bind you rather than with an intent to provide authentication (or some other service signing can provide). This is not non-repudiation, it's something else, and it only confuses matters to use the wrong word for it.
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]