[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: non-repudiation vs. revocation

Carl Ellison wrote:
> To be sure of that, you need the card itself to display to you what 
> it's signing -- not just a hash.
> The problem is so difficult that we're forced to fall back on trusting 
> our H/W and OS as if it were a TCB -- which it isn't.  Therefore,
> non-repudiation is really out of the question.

I do understand that total non-repudiation is out of the question. 
However, I fail to see why it would not work in some circumstances, say
when you are signing a SPKI cert.  Provided that we identify some standard
SPKI auths, I think it would be fairly simple to devise a smartcard that
can parse such auths and present them to the user for signing.

Just a thought.  But I like it. :-)  Then again, I've been known to be
wrong, repeatedly.

Camillo Sdrs <Camillo.Sars@DataFellows.com>   Data Fellows Ltd.
F-Secure Support
http://www.Europe.DataFellows.com/      Aim for the impossible and you
http://www.iki.fi/ged                   will achieve the improbable

Follow-Ups: References: