Timeline for Why does HTTPS not support non-repudiation?
Current License: CC BY-SA 4.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Dec 26, 2020 at 19:58 | comment | added | fraxinus | @PresidentJamesK.Polk really? SSL v3.0 is not that much recent. It wasn't mandatory and wasn't widely used, but was pretty much an intended feature of the protocol. | |
| Dec 26, 2020 at 19:51 | comment | added | fraxinus | @Gilles'SO-stopbeingevil' Of course, one can always add features where they don't belong. Everywhere else, this will be just a bad design. In the cryptography, that's how the "heartbleed" happened. | |
| Dec 26, 2020 at 19:11 | comment | added | Gilles 'SO- stop being evil' | Forward secrecy does not make non-repudiation impossible. Forward secrecy prevents a third party from reconstructing the plaintext if both communicating parties erase temporary keys. It does not prevent one of the communicating parties from disclosing the plaintext after the fact such that the association with the ciphertext can be verified. | |
| Dec 26, 2020 at 17:15 | comment | added | President James K. Polk | Mandatory forward secrecy is a somewhat recent feature of TLS. | |
| Dec 26, 2020 at 15:59 | history | answered | fraxinus | CC BY-SA 4.0 |