> This weekend I read the SSL spec and I am wondering about the following.
> Suppose I am the owner of an e-shop and I have a secure webserver. In
> order to make sure that all product orders I get are for real, I require
> that clients present a valid certificate during the SSL handshake.
> However, since after the handshake SSL switches to an encryption method
> based on symmetric keys (right?), it makes no sense to store the
> encrypted order of a client in a database, because the client can always
> argue that I made up the encrypted order myself (which I can since I
> know the symmetric key). The only thing the client cannot deny is that
> he has made a secure connection with my webserver, but apart from that
> nothing can be proven.
>
> Is this right, and if yes, is there a way within SSL (openssl) to
> provide non-repudiation?
In a word: No.
-Ekr
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
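An added illustration of why the answer is "no" (example code written for this page, not from the thread, OpenSSL or PureTLS): the record protection SSL switches to after the handshake is a MAC under a key both peers hold, so the server can produce a tag for any order it likes, while a signature made with the client's own private key (Ed25519 here, a constructed stand-in for the client certificate's key) cannot be produced by the server and is the kind of application-layer evidence non-repudiation needs.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SymmetricRecordTag models post-handshake record protection: a MAC keyed with
// a secret that both peers derived during the handshake. Either peer can compute it.
func SymmetricRecordTag(key, record []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(record)
	return m.Sum(nil)
}

// ServerCanForgeSymmetric shows the shop owner's problem: holding the session key,
// the server tags an order the client never sent (constructed text), and the tag
// verifies exactly like a genuine one would. Nothing ties it to the client.
func ServerCanForgeSymmetric(sessionKey []byte) bool {
	forged := []byte("order: 500 x widget, account 1234 (constructed)")
	tag := SymmetricRecordTag(sessionKey, forged) // computed server-side
	return hmac.Equal(tag, SymmetricRecordTag(sessionKey, forged))
}

// SignOrder is the application-layer alternative: the client signs the order
// bytes with the private key behind its certificate (Ed25519, hypothetical here).
func SignOrder(priv ed25519.PrivateKey, order []byte) []byte {
	return ed25519.Sign(priv, order)
}

// VerifyOrder lets anyone holding the client's public key check the signature,
// including a third party the client later argues with.
func VerifyOrder(pub ed25519.PublicKey, order, sig []byte) bool {
	return ed25519.Verify(pub, order, sig)
}

// ServerCannotForgeSignature: the server only has the client's public key, so the
// best it can do is sign with a key of its own, which fails against clientPub.
func ServerCannotForgeSignature(clientPub ed25519.PublicKey) bool {
	_, serverPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := []byte("order: 500 x widget (constructed)")
	return ed25519.Verify(clientPub, forged, ed25519.Sign(serverPriv, forged))
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stand-in for the client cert key
	order := []byte("order: 2 x widget (constructed)")
	fmt.Println("MAC forgeable by server:", ServerCanForgeSymmetric(make([]byte, 32)))
	fmt.Println("client signature verifies:", VerifyOrder(pub, order, SignOrder(priv, order)))
	fmt.Println("server-forged signature verifies:", ServerCannotForgeSignature(pub))
}
```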