In a message "Subject: CRL's redux", Tom says:
3> Part of security is (a) non-denial of service, and (b) receiver non-
repudiation; can these ever be assured in a PEM environment? (Or
perhaps more to the point; when have I received a message? - when it is
delivered or when the verification process is complete?)
PEM never claimed to have (b) "receiver non-repudiation;"
The "non-repudiation of message receipt" is a subject near and dear to
my heart as i worked on it while i was studying at Carnegie-Mellon
University. There, two protocols were specified on how to acheive
"non-repudiation of message receipt". One protocol build on top of
PEM.
If you are interested, i can point you to a paper copy.
_______________________________________________________________________
Alireza Bahreman E-Mail:
bahreman(_at_)bellcore(_dot_)com
Bellcore, Room RRC-1K221 Phone : +1 908 699 7398
444 Hoes Lane, Piscataway, NJ 08854 Fax : +1 908 336 2943