-
## I wish signed exchanges to cover the non-repudiation use-case
I wish to use the `Signature` header for non repudiation.
Example:
- client sends a request with a Signature of given header…
-
This has been mentioned over and over by @kloaec. We should make a list of cases for which we want to achieve non-repudiation (eg emergency broadcast) and whether we already do (spoiler alert: we don'…
-
Right now HTTPS/TLS does not support non-repudiation. https://security.stackexchange.com/questions/103645/does-ssl-tls-provide-non-repudiation-service
It's a huge problem for internet archiving, le…
-
Hi Mechiel,
Thanks for working on mox! This is such a breath of fresh air in the email space I'm just completely flabbergasted :D
In reviewing it's feature set I did find one singular item on my…
-
Alla modeller bör ha information om vem som gjorde den senaste ändringen och när.
-
## Expected Behavior
I would like a system in which the users do not have to print out the time sheets and physically sign them. If a system like a digital or electronic signature or some other meth…
-
**Problem:**
DID:web, while convenient, faces significant auditability issues, especially regarding key rotations and DID document configuration events. Its centralized nature, lack of immutable hi…
-
A new security feature `Android Protected Confirmation` has arrived to Android P. This can help with non-repudiation and alike. Time to start a write up about it and see how we can best relate this to…
-
> I think the DNSSEC chain (or lack there of) should also be returned. This provides some non-reputability of the CAA records, as well as allowing a CA to see if some vantage points see DNSSEC signatu…
-
At present, the receiver is not verifying the quorums' as well as sender's signature. If a receiver does not verify the sender's signature and quorums' signatures, several security and integrity issue…