CDR: Re: Non-Repudiation in the Digital Environment (was Re: First Monday August 2000)
Ed Gerck
egerck at nma.com
Sun Oct 8 12:16:07 PDT 2000
The idea that you could prevent the denial of an act is neither
an absolute truth nor provided only by cryptography. As I wrote
before, " This does not mean, however as some may suppose, that the act
cannot be denied -- for example, it can be denied by a counter authentication
that presents an accepted proof." One way to do it is by policy or by
contract, as banks do routinely in accepting checks -- and which is making
its way into protocols by means of digital signatures as an extension of
handwritten signatures.
Further, it is clear that preventing the denial of an act is not equivalent to
the "denial of a falsity" -- so, Ben's comment may help clarify this and I
am thankful that he did so. However, understanding non-repudiation
as a service that provides for the denial of a falsity is IMO a very general
model that includes other notions of non-repudiation. Like authentication,
non-repudiation comes in different flavors and it is IMO not a correct question
to ask which one is correct -- it depends on the trust and threat models
being used.
Cheers,
Ed Gerck
Bram Cohen wrote:
> On Sat, 7 Oct 2000, Ben Laurie wrote:
> >
> > Since we're in hair-splitting mode, I should point out that "prevents
> > the denial of an act" is not equivalent to a "negation that something is
> > false". Of course, logically, it comes to the same thing, but then, so
> > does "assertion that something is true".
>
> Of course, the idea that you could 'prevent the denial of an act' is
> completely wrong. The explanation "All this fancy-schmancy crypto stuff is
> bullshit" is pretty much universally applicable.
>
> -Bram Cohen
More information about the cypherpunks-legacy
mailing list