> -----Original Message----- > From: Balázs Nagy [mailto:[EMAIL PROTECTED]] > Sent: 07 May 2002 14:58 > To: [EMAIL PROTECTED] > Subject: Re: Repudiability > > > [EMAIL PROTECTED] wrote: > > >>Suppose someone refutes that they have sent information to > a Web site > >>owner, how is the Web site owner to prove that the > information was in > >>fact received and that it was signed with a given key? > >> > >>To do this, the Web site owner would presumably need to be > >>able to produce > >>the still-encrypted post as sent by the user, but from a > >>quickish reading > >>of the mod_ssl reference, I don't see any way to log this > information. > >> > >>Andrew McNaughton > > > > Provided you know the time of the transaction, the web > server logs will give > > you details of the IP address all the web transactions are > coming from. You > > can find who owns this IP address via the Ripe (www.ripe.net), Arin > > (www.arin.net) or Apnic (www.apnic.net) websites. > > > > From this you can find which ISP this address belongs to, > and that ISP can > > verify who was using that IP address at the time. How much > assistance you > > receive from each ISP will vary. > > > > That may give you sufficient information to press a case > against the person > > who alleges they didn't access your website, but IANAL. > > John, unfortunately IP hijacking is so trivial (see threads > on bugtrack) that > this method will not work with reasonable certainty. > I don't think the question involved IP address hijacking, but I take your point. I also forgot to factor in AOL users who apparently (urban myth?) change IP addresses every few seconds. I haven't seen anything on Bugtraq recently about IP hijacking, but then again I delete more emails from Bugtraq than I do from this list.
- John Airey Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] The teaching of evolution as a proven fact rather than a theory has done more harm to scientific progress than anything else in history. - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk 14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to find out all about it. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
