Non-repudiation in public-key technology is traditionally defined as the inability of a person (to whom a public key has been bound by a recognized certification authority through issuance of a public key certificate) to deny having made some digital signature. There are problems with this concept, starting with the fact that this contradicts standard legal practice. Some of the other problems with this concept are listed below.
It should be noted that there are really two different definitions of non-repudiation: Legal and Cryptographic. This rant is about Legal Non-repudiation. Cryptographic Non-repudiation is provably achieved by all practical public-key cryptosystems. It is defined as being able to prove that if you have a digital signature that verifies with public key K, then you know that the associated private key was used to make that signature. This definition says nothing about any human who might or might not have instigated the creation of that digital signature.
Non-repudiation is defined in terms of proving to a third party the intention or at least behavior of some person. That is, Bob proves to the judge, John, that Alice intended to sign some document. Hardware and software are incapable of providing that proof. The only thing that is proved is the behavior of some cryptographic key, buried deep in a computer system, with layers of hardware and software between whatever person is instigating the action and the action itself. Those layers anonymize the person. They could also be under the control of some attacker. Therefore, there are opportunities for attack both physically (at the computer keyboard) and by software (through the intermediate software layers).
It may be that all the problems with non-repudiation stem from the fact that the traditional definition refers to the behavior and state of mind of a human being, but the technology is that of computers, processes and cryptographic keys. There is no provable link between the person and the computer. There is also no hardware in the standard implementation of a public-key system to monitor the behavior of the human being and operate as a witness to the human’s actions. Even if there were such hardware as part of the individual computers doing public key operations, there is no case law to establish that such hardware could offer testimony in court.
The reason that Legal Non-repudiation is not achievable is that the logic by which it was formulated is a false syllogism. The observed fact is that a person can run one program to view or create a file or a message and can run another program to use a private key to create a digital signature of that file or message. By Cryptographic Non-repudiation, anyone with that file, digital signature and public key can prove that the signature was formed over an exact copy of the file by the private key associated with the public key used in verification. The false logic is that the other steps in this process are also invertible. They are obviously not invertible.
In a transaction between a consumer and a merchant, the presumption of non-repudiation assigns presumed liability to the consumer rather than the merchant. This is exactly counter to the spirit of US consumer protection law.
What made e-commerce work the first time (with mail order and telephone order) was giving the consumer the right to repudiation. This is the real protection that allows a consumer to shop electronically with a feeling of safety. It is this right of repudiation guaranteed by credit card companies that makes web shopping safe – not cryptography. [Cryptography (e.g., SSL) does almost nothing to protect the consumer. That is, the marginal utility to the consumer of using SSL over shopping without it is almost 0, when shopping with a credit card.]
If one were to do a contract (e.g., “I, the undersigned, will stand behind any digital transaction signed by the key whose SHA-1 hash is: ____________.”), then contract law would apply and non-repudiation would be moot. By trying to skip that contract step, the presumption of non-repudiation is discarding a legal practice that has been carefully developed over years – without first showing that the steps being discarded are superfluous.
Whether key management is implemented by CRL or an online validation service, the issuer of the CRL or the validation service needs to learn that a key needs to be revoked. That service is not omniscient. This knowledge has to come from somewhere.
 ..such as, for example, the TV camera that is part of an ATM, recording the face and behavior of the person at the keyboard and card reader of the ATM