Re: Definition of technical non-repudiation

["David P. Kemp" <dpkemp@xxxxxxxxxxxxxx>]

> From: Ed Gerck <egerck@nma.com>
> 
> Second, note that "false denial" or "fasely denying" is NOT present in the
> defintion by Menezes, which is a problem (either as intent or as pre-defined
> logical state) in the current PKIX definition.


The rationale for this attention to the word "false" continues to elude
me.

A "previous commitment or action" (Menezes) or "critical action" (Ford)
is a binary value -- the entity made the commitment / took the action, or
it did not.

A denial is a binary value - the entity denies the action, or does not.
We can use "assert" to refer to a claim in the opposite sense, yielding
the following results:

              |          Entity's claim:
Action:       |    Assert              Deny
---------     |----------------      ------------
Occurred      |  True Assertion      False Denial
Did not Occur |  False Assertion     True Denial


A successful false assertion (a false positive) is a Type I error; a
successful false denial (a false negative) is a Type II error; the goal
of system for verifying evidence should be an error rate of zero.  If
the system meets its goal, then it prevents an entity from successfully
falsely denying an action that did occur.

Or in other words, the evidence evaluation system "protects against
an entity falsely denying some action."  -- X.509

What precisely is wrong with that?  I believe the name for a system
that "protects" against an entity denying an action that did not occur
(i.e. a true denial) is: "a lynching".