<div dir="ltr"><div>I believe those are considerations/concerns with non-repudiation, yeah. But I think this was about the characteristics of signatures themselves not always providing the properties people assume/expect that they do. <br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Feb 2, 2022 at 7:04 AM Steinar Noem <<a href="mailto:steinar@udelt.no" target="_blank">steinar@udelt.no</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Yeah, for instance it depends on the identity proofing process that ties an identity to the certificate right? <div>Another thing to be aware of is that "non-repudiation" does not actually exist in a legal sense. Even qualified certificates are not "definitive evidence", or a "get out of jail for free" card..</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">ons. 2. feb. 2022 kl. 14:53 skrev Brian Campbell via Openid-specs-fapi <<a href="mailto:openid-specs-fapi@lists.openid.net" target="_blank">openid-specs-fapi@lists.openid.net</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>"I think that you will find that most digital signature algorithms do not provide non-repudiation. It's a common myth." - said by someone much more knowledgeable than me in a recent discussion around the HTTP signatures work: <a href="https://github.com/httpwg/http-extensions/issues/1204#issuecomment-634377559" target="_blank">https://github.com/httpwg/http-extensions/issues/1204#issuecomment-634377559</a> <br></div><div><br></div><div>I honestly can't say I fully understand it or the implications. But it seemed relevant here given that non-repudiation is mentioned as a goal of FAPI 2.0 Advanced. <br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div>
<br>
<i style="margin:0px;padding:0px;border:0px none;outline:currentcolor none 0px;vertical-align:baseline;background:rgb(255,255,255) none repeat scroll 0% 0%;font-family:proxima-nova-zendesk,system-ui,-apple-system,system-ui,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;color:rgb(85,85,85)"><span style="margin:0px;padding:0px;border:0px none;outline:currentcolor none 0px;vertical-align:baseline;background:transparent none repeat scroll 0% 0%;font-family:proxima-nova-zendesk,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"><font size="2">CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.</font></span></i>_______________________________________________<br>
Openid-specs-fapi mailing list<br>
<a href="mailto:Openid-specs-fapi@lists.openid.net" target="_blank">Openid-specs-fapi@lists.openid.net</a><br>
<a href="https://lists.openid.net/mailman/listinfo/openid-specs-fapi" rel="noreferrer" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-fapi</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(80,0,80)"><span style="color:rgb(34,34,34)">Vennlig hilsen</span><br></div><div style="color:rgb(80,0,80)"><span style="color:rgb(34,34,34)"><br></span></div><div style="color:rgb(80,0,80)"><div style="color:rgb(34,34,34)">Steinar Noem</div><div style="color:rgb(34,34,34)">Partner Udelt AS</div><div style="color:rgb(34,34,34)">Systemutvikler</div><div style="color:rgb(34,34,34)"> </div><div style="color:rgb(34,34,34)">| <a href="mailto:steinar@udelt.no" style="color:rgb(17,85,204)" target="_blank"><span style="color:rgb(34,34,34);background:rgb(255,255,204) none repeat scroll 0% 0%">steinar@udelt.no</span></a> | <a href="mailto:hei@udelt.no" style="color:rgb(17,85,204)" target="_blank">hei@udelt.no</a> | <a>+47 955 21 620</a> | <a href="http://www.udelt.no/" style="color:rgb(17,85,204)" target="_blank">www.udelt.no</a> | </div></div></div></div></div></div>
</blockquote></div>
<br>
<i style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:rgb(255,255,255);font-family:proxima-nova-zendesk,system-ui,-apple-system,system-ui,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;color:rgb(85,85,85)"><span style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"><font size="2">CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.</font></span></i>