[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: nonrepudiation (signing messages)
Dale Moberg wrote: > > Dale> I think both those issues > > point to recommending that the same > > Reference element is to be used both within > > the originating parties Signature and within the Receiving > > parties receipt. > > Chris>I think (though to be honest, I haven't read this recently) that > this is what is recommended. It may not have been clearly > expressed, but this was certainly the intent (that the > Reference in the Ack is extracted from the Signature of > the original message being ack'ed). > > Dale New>> If that is what the specification says, then > 1. the reconciliation process should be supported (except for > mismatch in hash value when the message id is still needed) > 2. the original sender will have no room to complain > about the receipt without calling into question his > own non repudiation of origin > and, finally, > 3. (back to what I took Marty's question to be) there would > not be much motivation for adding an element under nonrepudiation > of origin or receipt to express what kind of Reference > was to be used for receipts. > Because of 3, it looks like, at least for the ebXML binding, > there is not much point in adding something to the CPP/CPA > that would represent the agreement--because by following > the spec, there are not really alternative ways to return > the Reference and hash. Is that correct? Technically, I suppose that one could send the Signature itself, as an attachment (payload) in a response rather than in an Ack, but in general, I'd say that this assumption is basically sound. Cheers, Chris
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC