[Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]

Ed Gerck egerck at nma.com
Mon Jan 5 20:32:37 EST 2004


In business, when repudiation of an act is anticipated we're reminded by
Nicholas Bohm (whose clear thinking I know and appreciate for 6 years)
that some lawyers find it useful to define "irrebuttable presumptions"  -- a
technique known to the law and capable of being instantiated in statute or contract.

For example, a legal "irrebuttable presumption" can take the form of a bank check
contract stating that a check (even though it can be *proven* a posteriori to be a
forgery) is payable by the bank if the account holder did not notify the bank to
repudiate the check *before* the check was presented to the bank for payment.
The requirement can be seen an "out-of-band" signal from the account holder to
the bank, which absence makes the check's payability an irrebuttable presumption
by the bank. In this case, as long as the check's signature does not look like a
(obvious) forgery and there is enough balance in the account, the bank has no
liability to that customer in paying the check. Note also that the effectiveness of
this method relies on an "indirect proof" -- the absence of a previous communication
makes the check payable.

Likewise, in a communication process, when repudiation of an act by a party is
anticipated, some system security designers find it useful to define "non-repudiation"
as a service that prevents the effective denial of an act. Thus, lawyers should
not squirm when we feel the same need they feel -- to provide for processes
that *can be* conclusive.
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list