none
non-repudiation with digital signatures

    Question


  • Hi

    My security use case is "annonymousForCertificate" with no special configuration. Looking at the message logs I saw that the server signs its response using a key which derives from the client encrypted key and not using its x509 certificate. Doesn't this risk the non-repudiation feature of digital signatures?

    Thanks,
    Yaron
    Tuesday, March 04, 2008 7:24 PM