Hi all,

> > server, and re-encrypting the information. Moreover, it
> > maintains the non-repudiation of transactions since the
> > encrypted communication is between client and application with
> > no proxy acting as middleman.
>
> Firstly, even if you believe that _any_ crypto provides non-repudiation
> (see http://www.apache-ssl.org/tech-legal.pdf for a paper I co-authored
> on this and other stuff - executive summary: I don't believe it), you
> can't "maintain" the non-repudiation of SSL because it doesn't provide
> non-repudiation.
>
> Secondly, obviously, you can only decrypt SSL if you have the private
> key, so presumably this is referring only to incoming SSL connections.
Moreover, it seems to me that:

1. it is misleading (at least in general) to state that SSL operates
"between client and application". SSL operates between client (browser)
and (web) server; in many cases the real application might be on another
server, way behind the point where the SSL connection terminates. Are
there any SSL-aware "applications" (i.e. implementing business logic
rather than providing communication services) for which this solution
may be useful?

2. it is misleading to state that SSL secures "transactions". SSL secures
"sessions". The authentication of SSL applies only to the session
handshake, not to the exchanged data, in which "transaction" data might
be present. This is why (as Ben remarks) SSL does not provide
non-repudiation.

3. with this solution you need your private key in at least two different
places. This introduces essentially more complicated key management, and
increases the risk of key compromise.

Grtz,

Benne de Weger
=========================================
Technische Universiteit Eindhoven
Coding & Crypto Groep
Faculteit Wiskunde en Informatica
Den Dolech 2
Postbus 513
5600 MB Eindhoven
room: HG 9.84
tel.: (040) 247 2704, if no answer 5141
e-mail: [EMAIL PROTECTED]
www: http://www.win.tue.nl/~bdeweger
=========================================

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
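Point 2 of the reply above (SSL authenticates the session handshake, not the individual messages, so it cannot give non-repudiation) can be made concrete. The following is an added example, not code from the thread or from any of the participants: a toy session in which both endpoints derive the same record-MAC key, as TLS does after its handshake, so the server can produce a valid tag over a "transaction" the client never sent; beside it, a per-message signature (a Lamport one-time scheme, standing in for RSA/ECDSA) that the counterpart cannot forge without the signer's private key. The handshake secret, record contents and function names are constructed for the example.

```python
import hashlib
import hmac
import secrets

# --- Session-level protection, TLS style: one MAC key shared by both ends ---
def derive_record_key(handshake_secret: bytes) -> bytes:
    # Client and server derive the identical key after the handshake (toy KDF).
    return hashlib.sha256(b"record-mac:" + handshake_secret).digest()

def mac_tag(key: bytes, record: bytes) -> bytes:
    return hmac.new(key, record, hashlib.sha256).digest()

def verify_record(key: bytes, record: bytes, tag: bytes) -> bool:
    # This is all an auditor holding the session key can check.
    return hmac.compare_digest(mac_tag(key, record), tag)

def counterpart_can_forge_mac(handshake_secret: bytes, forged: bytes) -> bool:
    # The server holds the same key, so a tag it makes over a record the client
    # never sent verifies exactly like a genuine client record: no attribution.
    key = derive_record_key(handshake_secret)
    return verify_record(key, forged, mac_tag(key, forged))

# --- Per-message signature: Lamport one-time scheme (stand-in for RSA/ECDSA) ---
def _msg_bits(msg: bytes) -> list:
    h = hashlib.sha256(msg).digest()
    return [(h[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]

def lamport_keygen() -> tuple:
    # Private key: 256 pairs of random preimages; public key: their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk

def lamport_sign(sk: list, msg: bytes) -> list:
    # Reveal one preimage per message bit; only the private-key holder can.
    return [sk[i][b] for i, b in enumerate(_msg_bits(msg))]

def lamport_verify(pk: list, msg: bytes, sig: list) -> bool:
    bits = _msg_bits(msg)
    return all(hashlib.sha256(sig[i]).digest() == pk[i][bits[i]] for i in range(256))

def counterpart_can_forge_signature(pk: list, forged: bytes) -> bool:
    # Without the signer's preimages the server can only guess them.
    guess = [secrets.token_bytes(32) for _ in range(256)]
    return lamport_verify(pk, forged, guess)

if __name__ == "__main__":
    secret = b"constructed-handshake-secret"   # constructed sample value
    print("MAC forgeable by peer:", counterpart_can_forge_mac(secret, b"pay 1000 EUR"))
    sk, pk = lamport_keygen()
    print("signature forgeable by peer:", counterpart_can_forge_signature(pk, b"pay 1000 EUR"))
```

The first result is always True and the second always False, which is exactly the gap between "the session is authenticated" and "this message is provably the client's".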