[3431] in cryptography@c2.net mail archive
RE: IP: State Govt Will Use Datakey Smart Cards
daemon@ATHENA.MIT.EDU (Ed Gerck)
Wed Oct 7 23:55:42 1998
Date: Wed, 7 Oct 1998 02:34:25 -0200 (EDT)
From: Ed Gerck <egerck@laser.cps.softex.br>
To: "Guthrie, Paul" <pguthrie@visa.com>
cc: "Arnold G. Reinhold" <reinhold@world.std.com>,
Robert Hettinga <rah@shipwright.com>, cryptography@c2.net,
dcsb@ai.mit.edu
In-Reply-To: <C54E91F42C11D2118CED0001FAF8DD668FF4EC@sw720x017.visa.com>
On Tue, 6 Oct 1998, Guthrie, Paul wrote:
>
>Well, I don't want to get into nuances of public key cryptosystems since
>..
Anything can be legally repudiated... or policy forbidden/allowed ..
and that is why I prefer to divide the issues of non-repudiation
according to the state-space given before:
> Well, non-repudiation has:
>
> 1. syntatic form (Is the signature yours?),
>
> 2. semantic form (Did you understand what you were signing?),
>
> 3. trust form (Did you yourself willfully sign it?),
>
> 4. identification form (Are you who you claim to be?),
>
> 5. temporal form (when did you sign it?),
>
> 6. local form (where did you sign it?),
>
> etc.
That neither includes law, nor policy -- directly. As needed, you
just have to combine the "ingredients" for a specific "law/policy
non-repudiation recipe", as a boolean function that uses 1,2,. etc
above as functional inputs.
However, IMO and I see that confirmed in the postings, a Datakey
smartcard can provide no verifiable functional input changes from the
list 1, 2, ... above, as a function of certification. And, rather
mathematically ;-), that would make any Boolean function of them to
be independent from inputs.
Hence, always repudiable for *any* law/policy combination, since it
does not depend on inputs -- whereas they must be.
This directly undermines any non-repudiation feature for the
(Channel) CA infrastructure. If certification is repudiable in its
primary act, then any derived act is also.
Cheers,
Ed Gerck
______________________________________________________________________
Dr.rer.nat. E. Gerck egerck@novaware.cps.softex.br
http://novaware.cps.softex.br
