[15064] in cryptography@c2.net mail archive
Re: Non-repudiation (was RE: The PAIN mnemonic)
daemon@ATHENA.MIT.EDU (Ben Laurie)
Sun Dec 28 12:22:22 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sat, 27 Dec 2003 17:20:39 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: iang@systemics.com
Cc: Amir Herzberg <amir@herzberg.name>, cme@acm.org,
cryptography@metzdowd.com
In-Reply-To: <3FE89899.D6C1E906@systemics.com>
Ian Grigg wrote:
> Carl and Ben have rubbished "non-repudiation"
> without defining what they mean, making it
> rather difficult to respond.
I define it quite carefully in my paper, which I pointed to.
> Now, presumably, they mean the first, in
> that it is a rather hard problem to take the
> cryptographic property of public keys and
> then bootstrap that into some form of property
> that reliably stands in court.
>
> But, whilst challenging, it is possible to
> achieve legal non-repudiability, depending
> on your careful use of assumptions. Whether
> that is a sensible thing or a nice depends
> on the circumstances ... (e.g., the game that
> banks play with pin codes).
Actually, its very easy to achieve legal non-repudiability. You pass a
law saying that whatever-it-is is non-repudiable. I also cite an example
of this in my paper (electronic VAT returns are non-repudiable, IIRC).
> So, as a point of clarification, are we saying
> that "non-repudiability" is ONLY the first of
> the above meanings? And if so, what do we call
> the second? Or, what is the definition here?
>
> From where I sit, it is better to term these
> as "legal non-repudiability" or "cryptographic
> non-repudiability" so as to reduce confusion.
Read my paper (it was co-authored with a lawyer, so I believe we've got
both the crypto and legal versions covered).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
