Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: integrity and mail encryption

From: "Robert Hines" <b.hines () comcast net>
Date: Thu, 3 Nov 2005 15:03:34 -0500
Pranav,

When one requests a key pair from a CA, there is a registration process,
that the key issuer must adhere to, and of course there are different
levels, based on how much you want to pay for a background check.
www.Thawte.com for example requires at least a passport number for a
personal key that is linked to a database for the key pair/user
relationship. Given that the key now belongs to a user/email address, any
time that email user signed a mail, by using the option requiring the user
sending the mail has to use the private key passphrase every time they want
to send a signed mail with said key.  There is little room if any for the
sender to deny that they sent that signed mail and as the French would say
WALA non-repudiation. Very much like an electronic Notary.

The same could apply to a company that wants to run their own Certificate
Authority (CA) server, using say the HR department as the Registration
Authority (RA).

Did this help?

Bob

-----Original Message-----
From: Pranav Lal [mailto:pranav.lal () gmail com] 
Sent: Wednesday, November 02, 2005 4:21 PM
To: security-basics () securityfocus com
Subject: RE: integrity and mail encryption

Hi Bob,

How does public key encryption provide                   non-repudiation


Pranav
Previous By Date Next
Previous By Thread Next

Current thread: