RE: [TLS] Please discuss: draft-housley-evidence-extns-00
Actually, I don't want to revive the NR-wars, but
the DoD certificate policy uses the term "technical
non-repudiation" to refer to "persistent data
origin authentication" that can be validated
outside the context of a session (a shared secret
context), yet attempts to distance itself from what
is visible at the HMI, the intent of the signer, the
legal liability incurred, data retention periods,
and all the rest of the stuff that goes with NR.
If the Handbook of Applied Cryptography had defined
TNR or PDOA, I would have used it, but alas it does
not. What you said is (almost) what I meant --
integrity of message contents is a prerequisite
for, and is thus implied by, data origin authentication.
Dave
-----Original Message-----
From: Eric Rescorla [mailto:ekr@xxxxxxxxxxxxxxxxxxxx]
Sent: Monday, January 08, 2007 12:33 PM
To: Kemp, David P.
Cc: tls@xxxxxxxx
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00
"Kemp, David P." <DPKemp@xxxxxxxxxxxxxx> writes:
> Note that:
> "the crap with the digital signatures is entirely
> unnecessary for technical analysis."
> is entirely correct. But Danvers is a non-sequitur.
>
> Ignoring lawyers, non-repudiation, and protocol
> analysis, the question remains: is there any benefit
> to providing data origin authentication at the TLS
> layer?
I don't think "data origin authentication" is the right term
here, since TLS *does* provide data origin authentication. The
client knows who he's talking to. What it doesn't provide is
third party proof of data origin authentication and more importantly
of message contents.
-Ekr
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls
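The distinction drawn above, as an added example that is not code from either author or from the draft: an HMAC under a shared session key stands in for TLS record protection (origin authentication checkable only by a session participant), and an Ed25519 signature stands in for signed evidence that a party outside the session can validate. The function names, keys and the sample record are constructed for this illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Session-bound data origin authentication, the kind TLS record protection
// gives: an HMAC under a key both endpoints derived from the handshake.
// Verifying needs that key, so either participant could have produced the tag.
func macTag(sessionKey, msg []byte) []byte {
	m := hmac.New(sha256.New, sessionKey)
	m.Write(msg)
	return m.Sum(nil)
}

func macVerify(sessionKey, msg, tag []byte) bool {
	return hmac.Equal(macTag(sessionKey, msg), tag)
}

// Persistent data origin authentication: a signature under a key only the
// sender holds, checkable by anyone with the public key after the session ends.
func signEvidence(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

func verifyEvidence(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

func main() {
	sessionKey := make([]byte, 32)
	rand.Read(sessionKey)
	senderPub, senderPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, receiverPriv, _ := ed25519.GenerateKey(rand.Reader)
	msg := []byte("constructed sample record: pay 100 to account 42")
	tag := macTag(sessionKey, msg) // what the sender's TLS stack emits
	fmt.Println("peer verifies MAC:        ", macVerify(sessionKey, msg, tag))
	// The receiver holds the same key, so its own tag is byte-identical:
	// the MAC cannot tell a third party which endpoint produced the record.
	fmt.Println("receiver reproduces MAC:  ", hmac.Equal(macTag(sessionKey, msg), tag))
	sig := signEvidence(senderPriv, msg)
	fmt.Println("third party verifies sig: ", verifyEvidence(senderPub, msg, sig))
	// A signature the receiver makes under its own key is not the sender's evidence.
	fmt.Println("receiver reproduces sig:  ", verifyEvidence(senderPub, msg, signEvidence(receiverPriv, msg)))
}
```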