[Openid-specs-fapi] repudiating non-repudiation?
Steinar Noem
steinar at udelt.no
Wed Feb 2 14:04:27 UTC 2022
Yeah, for instance it depends on the identity proofing process that ties an
identity to the certificate right?
Another thing to be aware of is that "non-repudiation" does not actually
exist in a legal sense. Even qualified certificates are not "definitive
evidence", or a "get out of jail for free" card..
ons. 2. feb. 2022 kl. 14:53 skrev Brian Campbell via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net>:
> "I think that you will find that most digital signature algorithms do not
> provide non-repudiation. It's a common myth." - said by someone much more
> knowledgeable than me in a recent discussion around the HTTP signatures
> work:
> https://github.com/httpwg/http-extensions/issues/1204#issuecomment-634377559
>
> I honestly can't say I fully understand it or the implications. But it
> seemed relevant here given that non-repudiation is mentioned as a goal of
> FAPI 2.0 Advanced.
>
>
>
>
>
>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*_______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-fapi
>
--
Vennlig hilsen
Steinar Noem
Partner Udelt AS
Systemutvikler
| steinar at udelt.no | hei at udelt.no | +47 955 21 620 | www.udelt.no |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20220202/794b1952/attachment.html>
More information about the Openid-specs-fapi
mailing list