w3c/websec

Confirm method (by KM)

Closed this issue · 3 comments

Section 4.1.4.1: The Confirm Method
Text: This step can be bypassed if the user has registered a preferred key for this origin, but then the key should be presented with the NRMessage.
Question: What is the difference between "NRMessage" and "data"? Also, the Confirm method seems to be very similar to the Sign method and does not seem to be necessary.

NRMessage stands for Non-Repudiation Message. It is the piece of information that the Trusted UI component should display and to which the end-user should agree.

The data can be much larger (for example a PDF document) and will be signed with the same key at the same time. But because the data presentation cannot be managed in a Trusted UI environment, the signed data should be considered as an additional piece of trust, based on the main and accepted trust proof, which will be the non-repudiation message signature.

@Ketan2016: do you agree with the explanation?

Yes, I am good with the explanation.
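To make the distinction in the explanation above concrete, here is an added example (not code from the w3c/websec draft or from either commenter) that models a Confirm operation in Go: the short NRMessage is what the Trusted UI shows and the user accepts, the large data is hashed and signed with the same key, and the verifier treats the NRMessage signature as the primary proof and the data signature as a secondary proof bound to it. The `ConfirmProof` type, the `"nrmessage:"`/`"data:"` domain-separation prefixes, the 256-byte display limit and the use of Ed25519 are assumptions made for the example, not something the specification defines.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ConfirmProof is a constructed illustration of what a Confirm call could
// return (assumption; the W3C draft does not define this structure): the
// NRMessage the Trusted UI displayed, the hash of the larger data, and one
// signature over each, produced by the same key.
type ConfirmProof struct {
	NRMessage    string
	NRMessageSig []byte
	DataHash     [32]byte
	DataSig      []byte
	PublicKey    ed25519.PublicKey
}

// maxNRMessageLen is an assumed limit: a Trusted UI can only render a short
// message, which is exactly why the large data cannot be shown there.
const maxNRMessageLen = 256

// nrInput is the byte string signed for the NRMessage (domain-separated so a
// signature over the message can never be confused with one over data).
func nrInput(nrMessage string) []byte {
	return []byte("nrmessage:" + nrMessage)
}

// dataInput binds the data signature to the NRMessage the user accepted, so
// the secondary proof cannot be detached and presented on its own.
func dataInput(nrMessage string, dataHash [32]byte) []byte {
	nrHash := sha256.Sum256([]byte(nrMessage))
	in := []byte("data:")
	in = append(in, nrHash[:]...)
	return append(in, dataHash[:]...)
}

// newSigningKey generates a fresh Ed25519 key standing in for the user's
// registered key.
func newSigningKey() ed25519.PrivateKey {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv
}

// confirm models the Confirm method: the user sees and accepts nrMessage in
// the Trusted UI, then both it and the hashed data are signed with one key.
func confirm(priv ed25519.PrivateKey, nrMessage string, data []byte, userAccepted bool) (*ConfirmProof, error) {
	if len(nrMessage) == 0 || len(nrMessage) > maxNRMessageLen {
		return nil, errors.New("NRMessage must be short enough for the Trusted UI to display")
	}
	if !userAccepted {
		return nil, errors.New("user did not accept the NRMessage")
	}
	h := sha256.Sum256(data)
	return &ConfirmProof{
		NRMessage:    nrMessage,
		NRMessageSig: ed25519.Sign(priv, nrInput(nrMessage)),
		DataHash:     h,
		DataSig:      ed25519.Sign(priv, dataInput(nrMessage, h)),
		PublicKey:    priv.Public().(ed25519.PublicKey),
	}, nil
}

// verify checks the primary proof first: without a valid NRMessage signature
// there is no non-repudiation, and the data signature is worthless on its own.
func verify(p *ConfirmProof, data []byte) error {
	if !ed25519.Verify(p.PublicKey, nrInput(p.NRMessage), p.NRMessageSig) {
		return errors.New("NRMessage signature invalid: no non-repudiation proof")
	}
	h := sha256.Sum256(data)
	if h != p.DataHash {
		return errors.New("data does not match the hash the signer committed to")
	}
	if !ed25519.Verify(p.PublicKey, dataInput(p.NRMessage, h), p.DataSig) {
		return errors.New("data signature invalid")
	}
	return nil
}

func main() {
	priv := newSigningKey()
	// Constructed sample: a short statement for the Trusted UI and a "large"
	// document that the UI cannot render.
	doc := []byte("%PDF-1.7 ... constructed sample document ...")
	proof, err := confirm(priv, "I agree to contract #42 for 100 EUR", doc, true)
	if err != nil {
		panic(err)
	}
	fmt.Println("verify original:", verify(proof, doc))
	fmt.Println("verify tampered:", verify(proof, append(doc, '!')))
}
```

The verifier's ordering is the point of the example: the NRMessage signature is the accepted trust proof because the user actually saw that text, while the data signature only adds trust once it is shown to be bound to that same accepted message.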