[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] safe value for AuthenticationInstant?
> ok. but what about from a non-repudiation point of view? in a > court of law, seconds count. or don't they? I think that even in the court of law they understand the limits on granularity of clocks (in fact, I've never seen seconds listed on any official court document -- even the speeding tickets that I tend to get from time to time, so it would seem that time to the minute is sufficient for courts). In any case, non repudiation comes more into play in the world of digital signatures and not typically in the timestamp recorded within the document being signed. On top of that you have the issue that the system clocks for all the computers involved are pretty much guaranteed not be reliably sync'd to the sub-second level (and I wouldn't count too much on sub-minute sync). The one case where this isn't an issue is when both providers are running on the same physical box, in which case the system clocks are fully in sync (unless they happened to sync with the network time source in between generation of the token and consumption of the token). Just food for thought. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]