Is it possible for a client (not an eavesdropper) to record enough information during an HTTPS GET to be able to cryptographically prove later that the recorded information came from owner of the SSL certificate?
Essentially we want the SSL equivalent of a PGP signature over content.
Conversely, if a content provider (server) wanted to prevent such proof, yet still securely communicate, is that possible? The OTR messaging protocol accomplishes this.
No comments :
Post a Comment