My understanding of the term "non-repudiation" is that it means that someone
who signed something cannot claim otherwise later on.
Ned,
I disagree. From my point of view "non-repudiation" is only a very general
term that doesn't say precisely what is meant. To make things clear one has
to specify one of the different kinds of non-repudiation, e.g. non-repudiation
of origin (like in PEM), non-repudiation of delivery, non-repudiation of
receipt or even non-repudiation of submission (to speak in terms of X.400). I
understand that you're talking about non-repudiation of message receipt where
the receiver of a message digitally signs a receipt after (before? while?)
having received/read a message. But, like you said, you can only enforce this
service by _demanding_ a signed receipt.
Greetings,
Stefan.
______________________________________________________________________________
Stefan Kelm <kelm(_at_)cert(_dot_)dfn(_dot_)de> WWW:
http://www.cert.dfn.de/~kelm/
University of Hamburg, DFN-CERT, Vogt-Koelln-Str. 30, 22527 Hamburg (Germany)
Tel: +49-40-54715262 / Fax: +49-40-54715241
[get my PEM and PGP keys via command: "finger
kelm(_at_)www(_dot_)cert(_dot_)dfn(_dot_)de"]