Non-repudiation (was RE: The PAIN mnemonic)
Ben Laurie
ben at algroup.co.uk
Mon Dec 29 11:00:58 EST 2003
Carl Ellison wrote:
>>-----Original Message-----
>>From: owner-cryptography at metzdowd.com
>>[mailto:owner-cryptography at metzdowd.com] On Behalf Of Stefan Kelm
>>Sent: Tuesday, December 23, 2003 1:44 AM
>>To: cryptography at metzdowd.com
>>Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
>
>
>>Ah. That's why they're trying to rename the corresponding keyUsage bit
>>to "contentCommitment" then:
>>
>> http://www.pki-page.info/download/N12599.doc
>>
>>:-)
>>
>>Cheers,
>>
>> Stefan.
>
>
> Maybe, but that page defines it as:
>
> --------------------------------------------------
>
> contentCommitment: for verifying digital signatures which are intended to
> signal that the signer is committing to the content being signed. The
> precise level of commitment, e.g. "with the intent to be bound" may be
> signaled by additional methods, e.g. certificate policy.
>
> Since a content commitment signing is considered to be a digitally signed
> transaction, the digitalSignature bit need not be set in the certificate. If
> it is set, it does not affect the level of commitment the signer has endowed
> in the signed content.
>
> Note that it is not incorrect to refer to this keyUsage bit using the
> identifier nonRepudiation. However, the use this identifier has been
> deprecated. Regardless of the identifier used, the semantics of this bit are
> as specified in this standard.
>
> --------------------------------------------------
>
> Which still refers to the "signer" having an "intent to be bound". One can
> not bind a key to anything, legally, so the signer here must be a human or
> organization rather than a key. It is that unjustifiable linkage from the
> actions of a key to the actions of one or more humans that needs to be
> eradicated from the literature.
This is going a little far, isn't it? If the human controls the setting
of the bit, then it is signalling their intent.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list