Category:Non-Repudiation

From OWASP
Revision as of 08:09, 3 June 2006 by Jeff Williams



Non-Repudiation

In most two-party data communication, the two parties can prove to themselves whether data comes from an authentic source, but generally neither party holds proof that a third party would find plausible. A message whose original sender or some endorser can be established to third parties is said to be non-repudiable. This security service is generally associated with digital signature schemes.
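The contrast above, as an added example that is not part of the original OWASP page: a shared-key MAC convinces only the two key holders, while a signature can be checked by anyone holding the public key. The signature here is a Lamport one-time scheme built from SHA-256 so that the code needs only the Python standard library (a deployed system would use a standard scheme such as Ed25519); the messages and function names are constructed for illustration.

```python
import hashlib, hmac, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(msg: bytes) -> list:
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Shared-key MAC: Alice and Bob hold the same key, so either can produce a tag.
def mac_tag(shared_key: bytes, msg: bytes) -> bytes:
    return hmac.new(shared_key, msg, hashlib.sha256).digest()

def mac_verify(shared_key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(shared_key, msg), tag)

# Lamport one-time signature: only Alice holds sk; anyone may hold pk.
# A key pair must sign exactly one message.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def lamport_sign(sk, msg: bytes) -> list:
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg: bytes, sig: list) -> bool:
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][bit])
        for (i, bit), s in zip(enumerate(digest_bits(msg)), sig))

def demo() -> dict:
    sent = b"Alice agrees to pay Bob 100"      # constructed sample message
    altered = b"Alice agrees to pay Bob 9000"  # message Alice never sent
    shared = secrets.token_bytes(32)
    sk, pk = lamport_keygen()
    sig = lamport_sign(sk, sent)
    return {
        # Bob computes a tag himself; it verifies, so a tag proves nothing
        # to a third party about which key holder wrote the message.
        "bob_can_tag_altered": mac_verify(shared, altered, mac_tag(shared, altered)),
        # A third party holding only pk accepts Alice's signed message...
        "third_party_accepts": lamport_verify(pk, sent, sig),
        # ...and rejects the same signature moved onto the altered message.
        "sig_transfers_to_altered": lamport_verify(pk, altered, sig),
    }

if __name__ == "__main__":
    print(demo())
```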

Note that legal systems do not have an absolute notion of non-repudiation. In particular, in a court of law, “duress” is a valid way to repudiate a message. For example, Alice could sign a message to Bob that Bob later uses against her in court, but Alice may have a legitimate duress defense if she was forced to send the message by someone holding a gun to her head.
