[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.5 Plausible denaibility

To: "Theodore Ts'o" <tytso@mit.edu>
Subject: Re: SOI QUESTIONS: 2.5 Plausible denaibility
From: Stephen Kent <kent@bbn.com>
Date: Thu, 20 Jun 2002 19:58:38 -0400
Cc: ipsec@lists.tislabs.com
In-Reply-To: <E17L5LE-0003XJ-00@think.thunk.org>
References: <E17L5LE-0003XJ-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com

At 1:03 PM -0400 6/20/02, Theodore Ts'o wrote:
>Please discuss and answer this question.....  (for more discussion and a
>clear definition of "plausible denaibility", please see section 2.5 of
>the soi-features I-D).
>
>2.5)  Plausible denaibility
>
>2.5.A) Does SOI need to provide "plausible deniability" (the opposite
>of "non-repudiation") for the initiator?
>
>
>2.5.B) Does SOI need to provide "plausible deniability" (the opposite
>of "non-repudiation") for the responder?

IPsec has never advertised NR as a service, and the only issue here 
is whether signed authentication could be used to "prove" that a 
connection was established between two parties. I don't think it 
worthwhile to focus significant design effort, or to add complexity 
to SOI to support this "feature."

Steve

References:
- SOI QUESTIONS: 2.5 Plausible denaibility
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Next by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Prev by thread: Re: SOI QUESTIONS: 2.5 Plausible denaibility
Next by thread: Re: SOI QUESTIONS: 2.5 Plausible denaibility
Index(es):
- Date
- Thread