Editing Digital signature (section)

===Non-repudiation===
[[Non-repudiation]],<ref name="Cryptomathic_MajorStandardsDigSig" /> or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.

Note that these authentication, non-repudiation etc. properties rely on the secret key {{em|not having been revoked}} prior to its usage. Public [[certificate revocation|revocation]] of a key-pair is a required ability, else leaked secret keys would continue to implicate the claimed owner of the key-pair. Checking revocation status requires an "online" check; e.g., checking a [[certificate revocation list]] or via the [[Online Certificate Status Protocol]].<ref name="CryptomathicDigSigServicesAshiqJA" />  Very roughly this is analogous to a vendor who receives credit-cards first checking online with the credit-card issuer to find if a given card has been reported lost or stolen. Of course, with stolen key pairs, the theft is often discovered only after the secret key's use, e.g., to sign a bogus certificate for espionage purpose.