can you deny you sent a signed e-mail?
Jim Hendrick
jrhendri at maine.rr.com
Tue Apr 27 20:59:04 CEST 2004
It is usually more useful to be able to indicate you *did* send an email,
sign a document, etc.
To be useful for non-repudiation, you need to have a policy that states you
are responsible for all actions using your account/key/whatever and you are
expected to use proper care to protect that account/key/whatever.
Similar to if you are issued a physical door key and claim "it wasn't me,
somebody stole my keys". You may introduce reasonable doubt, but you also
reduce your own credibility (in that event and in the future).
Jim
> -----Original Message-----
> From: gnupg-users-bounces at gnupg.org
> [mailto:gnupg-users-bounces at gnupg.org]On Behalf Of Jerry Windrel
> Sent: Tuesday, April 27, 2004 1:37 PM
> To: gnupg-users at gnupg.org
> Subject: Re: can you deny you sent a signed e-mail?
>
>
> That's actually a crucial question that needs to be resolved
> in order for
> digital signatures to be more widely adopted. If anyone can
> just revoke
> their key and claim a hacker break-in, then what good does it
> do to generate
> signatures to begin with?
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
More information about the Gnupg-users
mailing list