Non-repudiation service aims to generate, collect, maintain, make available and confirm evidence of declared events or actions, so as to resolve disputes about the occurrence or non-occurrence of certain events or actions. This standard specifies mechanisms for providing special non-repudiation services related to communications using asymmetric techniques. The non-repudiation mechanism can provide the following four non-repudiation services: a) origination non-repudiation; b) delivery non-repudiation; c) submission non-repudiation; d) transmission non-repudiation. The non-repudiation mechanism involves the exchange of non-repudiation tokens specific to each non-repudiation service. A non-repudiation token consists of a digital signature and additional data. Non-repudiation tokens can be stored as non-repudiation information, and used sequentially by both parties in the event of a dispute. According to the non-repudiation policy used under the special application and the legal application environment of the application, the non-repudiation information may include the following additional information: a) Including a credible time stamp evidence generated by the time stamping authority; b) Evidence provided by a notary who can vouch for data, actions, or events generated by one or more entities. The term non-repudiation can only be effective in a security policy clearly defined by a particular application and its legal environment.
GB/T 17903.3-1999 history
2024GB/T 17903.3-2024 Information technology Security technology Non-repudiation Part 3: Mechanisms using asymmetric technology
2008GB/T 17903.3-2008 Information technology. Security techniques. Non-repudiation. Part 3: Mechanisms using asymmetric techniques
1999GB/T 17903.3-1999 Information technology-Security techniques-Non-repudiation-Part 3: Mechanisms using asymmetric techniques