matter of semantics
At an ESnet meeting, a lawyer gave us a talk on legal issues having to do with
things like digital signatures. He said that the term "non-repudiation" is a
legal misnomer because you can always repudiate anything (legally). He said that
the correct term is "non-deniability." I suggest that we change the terminology
in the SPKI discussions.
The reason is that a verified digital signature is correct and therefore cannot
be denied. But it can be repudiated. For example, "I was called away from my desk
and the screen saver was not engaged and someone came in and used the running copy
of Netscape to send E-mail that was signed by my digital signature. This was
unauthorized and I repudiate it."
Oak Ridge National Laboratory