Lists Home |
Date Index |
Rich Salz wrote:
> Yes. In addition, SSL works by having two parties share a common key.
> That makes digital signature and non-repudiable disclosure impossible:
> each party could claim the other signed or exposed the data. Public-key
> crypto does not have those attributes.
Signing and encrypting are two different things. 100% REST systems could
of course use public-key signing. I don't know what non-repudiable
disclosure means. If I have the information, encrypt it, and you decrypt
it then how can anyone know, when those bits show up somewhere on
Gnutella, who exposed it? Sounds like DRM. ;)
Come discuss XML and REST web services at:
Open Source Conference: July 22-26, 2002, conferences.oreillynet.com
Extreme Markup: Aug 4-9, 2002, www.extrememarkup.com/extreme/