
RE: Important: 21-Oct-1999 Teleconference Minutes

From: John Boyer <jboyer@uwi.com>
Date: Thu, 21 Oct 1999 16:26:48 -0700
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBLAOMJKOFPMBCHJOIOEMBCBAA.jboyer@uwi.com>
Actually, I recommended 'signer authentication' (not author authentication)
to replace 'technical non-repudiation'.

Signatures do two things:
    Message authentication -> offered by digest, protected in the case of RSA by encryption
    Signer authentication -> offered by key pairing in the case of RSA, protected by PKI

Non-repudiation seems to be a loaded term that has been used to describe
lots of things, which stems from the generic nature of the term 'repudiate'.
Certainly a failure to authenticate the message or the signer would be
grounds for repudiating whatever it is that the signed message is
purportedly about, but achieving non-repudiation can involve more work
depending on how a system or transaction is put together.

For the sake of example, suppose a signer S wants to get in on a .com IPO,
so the transaction M is constructed, signed and sent to stock broker V who
verifies M, then processes the order.  S cannot repudiate the
transaction.  However, S could be seriously harmed by failure to process M,
yet V could repudiate the transaction by simply claiming it was never
received.  It is necessary for V to sign M and send the result back to S.
Then, if some later failure on V's part occurs, S can hold V responsible for
it.

I'm sure even better examples exist, including the possible need to provide
non-repudiation even if the signer's key is compromised, but it should be
easy to see that the level of non-repudiation offered by a system depends on
the types of arguments you want or need to account for in the system.  As
such, we do not need to address it in our spec.  We want message and signer
authentication since that is really all that a single signature can give
you, and we want the ability to construct good messages that are highly
representative of the transactions that the signatures are designed to
authenticate, which is what the transformations give you.

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company


    Other open issues
      vocabulary: non-repudiation
    Some objections to this term. "Technical non-repudiation" suggested to
avoid possible confusion with legal, business, etc., uses of the term.

    Boyer: Suggest "Author Authentication"

    Not resolved but led to a discussion of having definitions in Syntax
document. Those on call favor definitions at the end, generally opposed to
having them at the beginning, and perhaps neutral on having them in sequence
when the word is first used.
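The S/V exchange from the post above, as an added example that is not code from the post or from the XML-Signature work: S signs order M, V verifies it (message and signer authentication), then V signs M together with S's signature and returns that receipt so V cannot later claim M was never received. It uses Go's standard-library Ed25519 in place of the RSA the post mentions; the party type, the order text and the receipt format are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)
// Party is S (the signer) or V (the broker). Keys are generated on the fly;
// binding Pub to a real identity is the PKI's job and is not modelled here.
type Party struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewParty() Party {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Party{Pub: pub, priv: priv}
}

// Sign signs msg; Ed25519 digests it internally, so one signature gives both
// message authentication and signer authentication.
func (p Party) Sign(msg []byte) []byte { return ed25519.Sign(p.priv, msg) }

// Verify fails if msg was altered or sig was not made with the key matching
// pub; either failure is grounds for repudiating the transaction.
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// bound ties V's receipt to the exact signed order (M plus S's signature).
func bound(msg, sigS []byte) []byte { return append(append([]byte{}, msg...), sigS...) }

// Receipt is V's signature over the bound order, returned to S so V cannot
// later claim M was never received; VerifyReceipt is S's check of it.
func Receipt(v Party, msg, sigS []byte) []byte { return v.Sign(bound(msg, sigS)) }
func VerifyReceipt(pubV ed25519.PublicKey, msg, sigS, receipt []byte) bool {
	return Verify(pubV, bound(msg, sigS), receipt)
}

func main() {
	s, v := NewParty(), NewParty()
	m := []byte("BUY 100 DOTCOM @ market") // constructed sample order M
	sigS := s.Sign(m)
	rcpt := Receipt(v, m, sigS)
	fmt.Println(Verify(s.Pub, m, sigS), VerifyReceipt(v.Pub, m, sigS, rcpt))
}
```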
Received on Thursday, 21 October 1999 19:26:51 GMT