Non-repudiation (was RE: The PAIN mnemonic)

Ben Laurie ben at algroup.co.uk
Mon Dec 29 11:00:58 EST 2003 

Carl Ellison wrote:

>>-----Original Message-----
>>From: owner-cryptography at metzdowd.com 
>>[mailto:owner-cryptography at metzdowd.com] On Behalf Of Stefan Kelm
>>Sent: Tuesday, December 23, 2003 1:44 AM
>>To: cryptography at metzdowd.com
>>Subject: Re: Non-repudiation (was RE: The PAIN mnemonic)
> 
> 
>>Ah. That's why they're trying to rename the corresponding keyUsage bit
>>to "contentCommitment" then:
>>
>>  http://www.pki-page.info/download/N12599.doc
>>
>>:-)
>>
>>Cheers,
>>
>>	Stefan.
> 
> 
> Maybe, but that page defines it as:
> 
> --------------------------------------------------
> 
> contentCommitment: for verifying digital signatures which are intended to
> signal that the signer is committing to the content being signed. The
> precise level of commitment, e.g. "with the intent to be bound" may be
> signaled by additional methods, e.g. certificate policy.
> 
> Since a content commitment signing is considered to be a digitally signed
> transaction, the digitalSignature bit need not be set in the certificate. If
> it is set, it does not affect the level of commitment the signer has endowed
> in the signed content.
> 
> Note that it is not incorrect to refer to this keyUsage bit using the
> identifier nonRepudiation. However, the use this identifier has been
> deprecated. Regardless of the identifier used, the semantics of this bit are
> as specified in this standard.
> 
> --------------------------------------------------
> 
> Which still refers to the "signer" having an "intent to be bound".  One can
> not bind a key to anything, legally, so the signer here must be a human or
> organization rather than a key.  It is that unjustifiable linkage from the
> actions of a key to the actions of one or more humans that needs to be
> eradicated from the literature.

This is going a little far, isn't it? If the human controls the setting 
of the bit, then it is signalling their intent.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list