Nonrepudiation - in some sense
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Feb 10 15:19:10 EST 2006
On Fri, Feb 10, 2006 at 07:49:59PM +0000, Ben Laurie wrote:
> Secondly, obviously, you can only decrypt SSL if you have the private
> key, so presumably this is referring only to incoming SSL connections.
>
And only if EDH (or more generally all PFS) ciphers are disabled. This
is AFAIK common with HTTP servers, but the majority of TLS capable MTAs
negotiate EDH ciphers.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list