Non-repudiation (was RE: The PAIN mnemonic)
Ed Gerck
egerck at nma.com
Wed Dec 24 04:34:00 EST 2003
Yes, the term "non-repudiation" has been badly misused in
old PKIX WG drafts (in spite of warnings by myself and
others) and some crypto works of reference -- usually
by well-intentioned but otherwise misguided people trying
to add "value" to digital certificates.

However, IMO non-repudiation refers to a useful and
essential cryptographic primitive. It does not mean the
affirmation of a truth (which is authentication). It means
the denial of a falsity -- such as:

(1) the ability to prevent the effective denial of an act (in
other words, denying the act becomes a falsity); or

(2) the ability to prevent the denial of the origin or delivery
of transactions.

Note that, except for a boolean system, the affirmation of
a truth is not the same as the denial of a falsity. Hence, the
usefulness of "non-repudiation" as a primitive. Take away
"non-repudiation" and you end up with a lesser "language"
with which to describe security processes.

Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List