
Re: SOI QUESTIONS: 2.5 Plausible deniability




> 
> The point being that all the original IKEv1 modes had repudiation almost by
> accident. I'll be the first to admit that it's not a very important feature,
> but there is no expense involved.
> 

You're right. I was unclear about it (I have some difficulties with the English language), but I did not mean a protocol expense.
It is more a specification and use expense.
The fact is I believe the next IKE version should assert most of the peers' intentions, and it should be possible to prove many properties of these intentions (the fact they were, at least in the beginning, willing to set an SA...).
The ability to do 'plausible deniability' contradicts this, and opens a way for doing what I formally call 'diplomacy/politics':
"I may want to communicate, but maybe I don't and maybe it is not me but you, or maybe I was forced to answer you".
This is an expense of precautions which does not help (at least in real life) for communication.

In the PK answering instance (where Bob may not answer Alice on purpose, and thus a third party does not have evidence the data sent is genuine), we certainly have a proof of Bob talking to Alice, though we can reach no conclusion about the peers' 'higher' intentions.

Lastly, we can also invoke a kind of '(un)plausible deniability' from the collision property of the hash function. But we have to cope with this one.

--
Jean-Jacques Puig