Re: Non-repudiation

Paul,

        Unfortunately, the CRLs available to the sender at the time of
transmission generally are not the ones needed by a recipient in
support of non-repudiation.  What a receiver needs are the next set of
CRLs issued, ones issued after the message was sent, to prove that the
relevent certificates were not revoked at the time the message was
sent.  The CRLs available to the originator would make a statement
about the revocation status of certificates prior to the sending of
the message.  One could argue that for less stringent validation
situations (other than non-repudiation), the "older" CRLs would be
adequate, and that suggests that an option to send them in the header
as part of a regular message might be helpful.

Steve

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Non-repudiation, (continued) Re: Non-repudiation, Steve Kent Re: Non-repudiation, Raymond Lau Non-repudiation, TCJones Re: Non-repudiation, Mark S Feldman Re: Non-repudiation, Raymond Lau non-repudiation, TCJones Re: Re: Non-repudiation, jueneman%wotan Re: Re: Non-repudiation, Raymond Lau Re: Non-repudiation, Steve Kent Re: Non-repudiation, Paul C. Clark Re: Non-repudiation, Steve Kent <= Re: Re: Non-repudiation, jueneman%wotan Re: Non-repudiation, Steve Kent Re: Re: Non-repudiation, Raymond Lau

Previous by Date:	Re: exportable crypto, David Herron
Next by Date:	Re: Fancy encryption schemes, Beast (Donald E. Eastlake, 3rd)
Previous by Thread:	Re: Non-repudiation, Paul C. Clark
Next by Thread:	Re: Re: Non-repudiation, jueneman%wotan
Indexes:	[Date] [Thread] [Top] [All Lists]