At 11:42 07/01/2004 -0800, Ed Gerck wrote:
Jerrold Leichter wrote:
Now that we've trashed non-repudiation ...
Huh? Processes that can be conclusive are useful and do exist, I read here,
in the legal domain. It may not be so clear how such processes can exist in
the technical domain and that's
At 10:14 AM 1/7/2004 -0500, Jerrold Leichter wrote:
Now that we've trashed non-repudiation ... just how is it different from
authentication? In both cases, there is a clear technical meaning (though as
with anything in mathematics, when you get right down to it, the details are
complex and may be
| Non-repudiation applied to digital signatures implies that the definition
| states that only one person possibly had possession of the private signing
| key and was conscious about the fact that it was used to sign something.
There is absolutely *no* cryptographic or mathematical content to this
Jerrold Leichter wrote:
Now that we've trashed non-repudiation ...
Huh? Processes that can be conclusive are useful and do exist, I read here,
in the legal domain. It may not be so clear how such processes can exist in
the technical domain and that's why I'm posting ;-)
just how is it
Ed Gerck wrote:
Likewise, in a communication process, when repudiation of an act by a party is
anticipated, some system security designers find it useful to define
non-repudiation
as a service that prevents the effective denial of an act. Thus, lawyers should
not squirm when we feel the
: Jerrold Leichter [EMAIL PROTECTED]
Cc: Cryptography [EMAIL PROTECTED]
Sent: Wednesday, January 07, 2004 7:14 AM
Subject: Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]
Now that we've trashed non-repudiation ... just how is it different from
authentication?
I don't think
I did a Google search on irrebuttable presumption and found a lot
of interesting material. One research report on the State of
Connecticut web site
http://www.cga.state.ct.us/2003/olrdata/ph/rpt/2003-R-0422.htm
says: The Connecticut Supreme Court and the U. S. Supreme Court have
held that
- Original Message -
From: Jerrold Leichter [EMAIL PROTECTED]
Cc: Cryptography [EMAIL PROTECTED]
Sent: Wednesday, January 07, 2004 7:14 AM
Subject: Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]
Now that we've trashed non-repudiation ... just how is it different from
Now that we've trashed non-repudiation ... just how is it different from
authentication? In both cases, there is a clear technical meaning (though as
with anything in mathematics, when you get right down to it, the details are
complex and may be important): To produce an
At 06:24 PM 12/23/03 -0700, Richard Johnson wrote:
...
In my experience, the terminology has more often been confidentiality,
integrity, and authentication. Call it CIA if you need an acronym easy
to memorize, if only due to its ironic similarity with that for the name of
a certain US government
At 18:02 29/12/2003, Ben Laurie wrote:
Amir Herzberg wrote:
...
specifications, I use `non-repudiation` terms for some of the
requirements. For example, the intuitive phrasing of the Non-Repudiation
of Origin (NRO) requirement is: if any party outputs an evidence evid
s.t. valid(agreement,
Amir Herzberg wrote:
Ian proposes below two draft-definitions for non-repudiation - legal and
technical. Lynn also sent us a bunch of definitions. Let's focus on the
technical/crypto one for now - after all this is a crypto forum (I agree
the legal one is also somewhat relevant to this forum).
Carl Ellison wrote:
If you want to use cryptography for e-commerce, then IMHO you need a
contract signed on paper, enforced by normal contract law, in which one
party lists the hash of his public key (or the whole public key) and says
that s/he accepts liability for any digitally signed
Carl Ellison wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stefan Kelm
Sent: Tuesday, December 23, 2003 1:44 AM
To: [EMAIL PROTECTED]
Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
Ah. That's why they're trying to rename
Amir Herzberg wrote:
At 04:20 25/12/2003, Carl Ellison wrote:
...
If you want to use cryptography for e-commerce, then IMHO you need a
contract signed on paper, enforced by normal contract law, in which one
party lists the hash of his public key (or the whole public key) and says
that
Ian proposes below two draft-definitions for non-repudiation - legal and
technical. Lynn also sent us a bunch of definitions. Let's focus on the
technical/crypto one for now - after all this is a crypto forum (I agree
the legal one is also somewhat relevant to this forum).
In my work on secure
Yes, the term non-repudiation has been badly misused in
old PKIX WG drafts (in spite of warnings by myself and
others) and some crypto works of reference -- usually
by well-intentioned but otherwise misguided people trying
to add value to digital certificates.
However, IMO non-repudiation refers
: Tuesday, December 23, 2003 1:18 AM
To: [EMAIL PROTECTED]
Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
Ben, Carl and others,
At 18:23 21/12/2003, Carl Ellison wrote:
and it included non-repudiation which is an unachievable,
nonsense concept.
Any alternative definition
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stefan Kelm
Sent: Tuesday, December 23, 2003 1:44 AM
To: [EMAIL PROTECTED]
Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
Ah. That's why they're trying to rename the corresponding keyUsage
Ellison; [EMAIL PROTECTED]
Subject: RE: Non-repudiation (was RE: The PAIN mnemonic)
At 04:20 25/12/2003, Carl Ellison wrote:
...
If you want to use cryptography for e-commerce, then IMHO you need a
contract signed on paper, enforced by normal contract law, in which one
party
Carl Ellison wrote:
From where I sit, it is better to term these
as legal non-repudiability or cryptographic
non-repudiability so as to reduce confusion.
To me, repudiation is the action only of a human being (not of a key) and
therefore there is no such thing as cryptographic
Ian Grigg wrote:
Carl and Ben have rubbished non-repudiation
without defining what they mean, making it
rather difficult to respond.
I define it quite carefully in my paper, which I pointed to.
Now, presumably, they mean the first, in
that it is a rather hard problem to take the
cryptographic
Ben Laurie wrote:
Ian Grigg wrote:
Carl and Ben have rubbished non-repudiation
without defining what they mean, making it
rather difficult to respond.
I define it quite carefully in my paper, which I pointed to.
Ah. I did read your paper, but deferred any comment
on it, in part
On Sun, Dec 21, 2003 at 09:45:54AM -0700, Anne Lynn Wheeler wrote:
note, however, when I did reference PAIN as (one possible) security
taxonomy i tended to skip over the term non-repudiation and primarily
made references to privacy, authentication, and integrity.
In my experience, the
At 01:34 AM 12/24/2003 -0800, Ed Gerck wrote:
However, IMO non-repudiation refers to a useful and
essential cryptographic primitive. It does not mean the
affirmation of a truth (which is authentication). It means
the denial of a falsity -- such as:
(1) the ability to prevent the effective denial
Carl Ellison [EMAIL PROTECTED] writes:
Ah. That's why they're trying to rename the corresponding keyUsage bit
to contentCommitment then:
Maybe, but that page defines it as:
contentCommitment: for verifying digital signatures which are intended to
signal that the signer is committing to the
Amir Herzberg wrote:
Ben, Carl and others,
At 18:23 21/12/2003, Carl Ellison wrote:
and it included non-repudiation which is an unachievable,
nonsense concept.
Any alternative definition or concept to cover what protocol designers
usually refer to as non-repudiation
At 11:18 AM 12/23/2003 +0200, Amir Herzberg wrote:
Any alternative definition or concept to cover what protocol designers
usually refer to as non-repudiation specifications? For example
non-repudiation of origin, i.e. the ability of recipient to convince a
third party that a message was sent
Ben, Carl and others,
At 18:23 21/12/2003, Carl Ellison wrote:
and it included non-repudiation which is an unachievable,
nonsense concept.
Any alternative definition or concept to cover what protocol designers
usually refer to as non-repudiation specifications? For example
non-repudiation of
Let's just leave the term non-repudiation to be used by people who don't
understand security, but rather mouth things they've read in books that
others claim are authoritative. There are lots of those books listing
non-repudiation as a feature of public key cryptography, for example,
and
At 08:23 AM 12/21/2003 -0800, Carl Ellison wrote:
That's an interesting definition, but you're describing a constraint on the
behavior of a human being. This has nothing to do with cryptosystem choice
or network protocol design. What mechanisms do you suggest for enforcing
even the constraint
-Original Message-
From: Anne Lynn Wheeler [mailto:[EMAIL PROTECTED]
Sent: Sunday, December 21, 2003 6:42 AM
To: Carl Ellison
Cc: 'Anne Lynn Wheeler'; [EMAIL PROTECTED]
Subject: Re: The PAIN mnemonic
At 11:20 PM 12/20/2003 -0800, Carl Ellison wrote:
and it included
At 08:23 AM 12/21/2003 -0800, Carl Ellison wrote:
That's an interesting definition, but you're describing a constraint on the
behavior of a human being. This has nothing to do with cryptosystem choice
or network protocol design. What mechanisms do you suggest for enforcing
even the constraint