W3C home > Mailing lists > Public > www-ws-arch@w3.org > May 2002

Re: D-AR006.11 discussion points

From: Mark Baker <distobj@acm.org>
Date: Thu, 9 May 2002 19:15:12 -0400
To: "Ahmed, Zahid" <zahid.ahmed@commerceone.com>
Cc: www-ws-arch@w3.org
Message-ID: <20020509191512.K6524@www.markbaker.ca>
On Thu, May 09, 2002 at 01:16:45PM -0700, Ahmed, Zahid wrote:
> I agree that auduting should not be included in the security
> requirements.

Agreed.

I also might as well response to Krishna here ...

> From: Krishna Sankar [mailto:ksankar@cisco.com]
[snip]
> Non-repudiation is not a security function. Agreed, it is based on
> primitives which security is also based on - like signatures and so on.
> In fact non-repudiation is not only a technological issue but also a
> legal issue. The pkix forum is having mile long discussions on this. 

Agreed.  I said this in my ballot, and referenced Bruce Schneier's view
on this topic;

http://www.counterpane.com/insiderisks5.html

MB
-- 
Mark Baker, Chief Science Officer, Planetfred, Inc.
Ottawa, Ontario, CANADA.      mbaker@planetfred.com
http://www.markbaker.ca   http://www.planetfred.com
Received on Thursday, 9 May 2002 19:07:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:59 GMT