[Openid-specs-fapi] repudiating non-repudiation?
Brian Campbell
bcampbell at pingidentity.com
Wed Feb 2 13:53:11 UTC 2022
"I think that you will find that most digital signature algorithms do not
provide non-repudiation. It's a common myth." - said by someone much more
knowledgeable than me in a recent discussion around the HTTP signatures
work:
https://github.com/httpwg/http-extensions/issues/1204#issuecomment-634377559
I honestly can't say I fully understand it or the implications. But it
seemed relevant here given that non-repudiation is mentioned as a goal of
FAPI 2.0 Advanced.
--
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you._
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20220202/854ee47a/attachment.html>
More information about the Openid-specs-fapi
mailing list