Non-repudiation in the digital environment

First Monday

Volumn 5, Issue 8, 2000, Pages

  McCullagh, Adrian ^a,b   Caelli, William ^b  

^a Gadens Lawyers   (Australia)

^b QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 33645788387     PISSN: 13960466     EISSN: None     Source Type: Journal    
DOI: 10.5210/fm.v5i8.778     Document Type: Article

References (29)

1. That is the parties will not at the time of transacting have face to face dialogue.
2. Bank for International Settlements, Report No. 35, "Risk Management for Electronic Banking and Electronic Money Activities" (March 1998); at http://www.bis.org/publ/index.htm, accessed on 15 December 1999.
3. See also "Communication from the Commission to the European Parliament - the Council, the Economic and Social Committee and the Committee of the Regions - 'Proposal for a European Parliament and Council Directive on a Common Framework for Electronic Signatures'" COM(1998)297final, 13.05.98.
4. "American Bar Association Guidelines for Digital Signatures," at http://www.abanet.org/scitech/ec/isc/dsgfree.html, accessed on 15 December 1999.
5. L'Estrange v. Graucob [1934] 2 K.B. 394. See also A. McCullagh, W. Caelli, and P. Little, "Electronic Signatures - Understand the Past to Develop the Future," 1998 UNSWLJ, accessed on 15 December 1999 at http://www.law.unsw.edu.au/unswlj/ecommerce/mccullagh.html
6. Unconscionable conduct rests upon the concept of inequality of bargaining power. The characteristics of the concept are: (a) Unconscionable involves the obtaining, by one party to a transaction, of an unfair advantage against the better judgement of the other weaker party to the transaction; (b) The dominant party knowing either actually or by imputation of the disadvantage; (c) In many cases there is a striking disparity in the value of the consideration passing between the parties. See M.L. Cope, "The Review of Unconscionable Bargains in Equity," (1983) 57 A.L.J. 279; Commercial Bank of Australia v. Amadio (1982-83) 151 C.L.R. 447.
7. Fraud involves any intentional conduct that has the purpose not necessarily the sole or dominant purpose of obtaining some gain from the party who is the subject of the fraudulent conduct. See Earl of Aylesford v. Morris (1873) 8 L.R. Ch. App. 484.
8. Undue influence involves a situation where a person has the ability to take control over another's independent will power so that the innocent person is not able to resist the actions of the first person. Such cases usually involve some disability as in Blomley v Ryan (1956) 99 C.L.R. 362. Mr. Ryan was a severe alcoholic and was never in a position to resist the actions of Mr. Bromley.
9. "UNCITRAL Model Law on Electronic Commerce with Guide to Enactment" Article 13, at http://www.un.or.at/uncitral/texts/electcom/ml- ec.htm, accessed on 15 December 1999.
10. A. McCullagh, W. Caelli, and P. Little, "Electronic Signatures - Understand the Past to Develop the Future," 1998 UNSWLJ. Thematic Issue, at http://www.law.unsw.edu.au/unswlj/ecommerce/mccullagh.html, accessed on 15 December 1999.
11. Shorter Oxford Dictionary, D. Thompson, (Ed) 19th Edition, Clarendon Press, "Repudiate" 1 (a) disown, disavow, reject, (b) refuse dealings with, (c) deny.
12. Shorter Oxford Dictionary, Ibid.
13. The above position is the same in many jurisdictions.
14. Report of the Electronic Commerce Expert Group to the Attorney General, "Electronic Commerce: Building the Legal Framework - 31 March 1998", at http://law.gov.au/aghome/advisory/eceg/eceg.htm, accessed on 15 December 1999.
15. W. Caelli, D. Longley, and M. Shain, 1991. Information Security Handbook. London: Macmillan.
16. W. Caelli, D. Longley, and M. Shain, 1991. Information Security Handbook. Ibid.
17. B. Schneier, 1996. Applied cryptography: Protocols, algorithms and source code in C. Second edition. New York: Wiley, p. 2.
18. R. Granito and A. Hovstø (editors). "Guidelines for the use and management of trusted third party services", JTC 1.27.19 (Working Draft).
19. One of the primary roles of a TTP is too reliably authenticate the identity of the holder of the key pair, of which the public key is embodied in the digital certificate.
20. The issue of witnessing the affixing of digital signatures is more fully explained in McCullagh et al., ibid., note 9.
21. Article 13. Attribution of data messages (1) A data message is that of the originator if it was sent by the originator itself. (2) As between the originator and the addressee, a data message is deemed to be that of the originator if it was sent: (a) by a person who had the authority to act on behalf of the originator in respect of that data message; or (b) by an information system programmed by, or on behalf of, the originator to operate automatically. (3) As between the originator and the addressee, an addressee is entitled to regard a data message as being that of the originator, and to act on that assumption, if: (a) in order to ascertain whether the data message was that of the originator, the addressee properly applied a procedure previously agreed to by the originator for that purpose; or (b) the data message as received by the addressee resulted from the actions of a person whose relationship with the originator or with any agent of the originator enabled that person to gain access to a method used by the originator to identify data messages as its own. (4) Paragraph (3) does not apply: (a) as of the time when the addressee has both received notice from the originator that the data message is not that of the originator, and had reasonable time to act accordingly; or (b) in a case within paragraph (3)(b), at any time when the addressee knew or should have known, had it exercised reasonable care or used any agreed procedure, that the data message was not that of the originator. (5) Where a data message is that of the originator or is deemed to be that of the originator, or the addressee is entitled to act on that assumption, then, as between the originator and the addressee, the addressee is entitled to regard the data message as received as being what the originator intended to send, and to act on that assumption. The addressee is not so entitled when it knew or should have known, had it exercised reasonable care or used any agreed procedure, that the transmission resulted in any error in the data message as received. (6) The addressee is entitled to regard each data message received as a separate data message and to act on that assumption, except to the extent that it duplicates another data message and the addressee knew or should have known, had it exercised reasonable care or used any agreed procedure, that the data message was a duplicate.
22. Lambos v. Commonwealth of Australia (1967-68) 41 A.L.R. 180.
23. This position has also been accepted by the UK Government as promoted in the draft "Electronic Communications Act".
24. K. Thompson, 1990. "Reflections on Trusting Trust," In: P. Denning (editor). Computers Under Attack: Intruders, Worms and Viruses. Reading, Mass.: Addison-Wesley.
25. C. Serban, "Security Issues for 'Always on' Devices: ADSL and Cable Modem Access" AT&T 1999, unpublished copy of this paper was given to the authors and is in their possession.
26. C. Serban, "Security Issues for 'Always on' Devices: ADSL and Cable Modem Access" AT&T 1999, Ibid.
27. The secret key ring in PGP is usually encrypted with a much simpler crypto-system. Also the key ring is subject to a pass phrase but this can usually be broken using one of the hacker programs available on the Internet such as cracker, Satan, or cops.
28. D.E. Bell and L.J. La Padula, 1976. "Secure Computer System: Unified Exposition and Multics Interpretation," ESD-TR-75-306 (March), Mitre Corporation.
29. A. Shamir and N. Van Someren. "Playing hide and seek with stored keys," accessed on 15 December 1999, at at http://www.ncipher.com/products/ files/papers/anguilla/keyhide2.pdf