- From: Mark Baker <distobj@acm.org>
- Date: Thu, 9 May 2002 19:15:12 -0400
- To: "Ahmed, Zahid" <zahid.ahmed@commerceone.com>
- Cc: www-ws-arch@w3.org
On Thu, May 09, 2002 at 01:16:45PM -0700, Ahmed, Zahid wrote: > I agree that auduting should not be included in the security > requirements. Agreed. I also might as well response to Krishna here ... > From: Krishna Sankar [mailto:ksankar@cisco.com] [snip] > Non-repudiation is not a security function. Agreed, it is based on > primitives which security is also based on - like signatures and so on. > In fact non-repudiation is not only a technological issue but also a > legal issue. The pkix forum is having mile long discussions on this. Agreed. I said this in my ballot, and referenced Bruce Schneier's view on this topic; http://www.counterpane.com/insiderisks5.html MB -- Mark Baker, Chief Science Officer, Planetfred, Inc. Ottawa, Ontario, CANADA. mbaker@planetfred.com http://www.markbaker.ca http://www.planetfred.com
Received on Thursday, 9 May 2002 19:07:27 UTC