[cap-talk] Definition of Authentication on wiki.erights.org

Matej Kosik kosik at fiit.stuba.sk
Thu Sep 3 18:11:28 EDT 2009


Rob Meijer wrote:
> The list has been quiet lately, unfortunately some interesting discussions
> seem to have died out prematurely. One of them is I feel an essential one,
> that of the definition of authentication.
> 
> As I stated in the discussion earlier, I feel that the definition in
> http://wiki.erights.org/wiki/Authentication (1) is overly complicating to
> explain, and quite possibly wrong.
> 
> In any case I've been using an alternative definition in talks I've been
> giving, that I stated earlier in the died off discussion.
> 
> I have been thinking about a clearer wording for the definition I have
> been using, and would like to suggest an alternative definition (2).
> 
> 1) "Given one end of a communication channel, an authentication procedure
>     establishes which principal is probably at the other end."
> 
> 2) "Authentication is the validation of a specific property of an object,
>     where this property must either be a source of authority, a source of
>     accountability, or both."
> 
> I personally feel that 1 is too far detached from everyday usage of the
> word, is too much centered around use by the identity based mechanisms, and
> is complicating something quite simple by doing so. Am I the only one who
> sees a problem with 1? And whatever the answer to that, is 2 a good
> definition?

The two definitions 1) and 2) are not equivalent. Are they? If not, it
means that at least one of those definitions does not define
authentication. I am not sure what is wrong with option 1).
(The word "detached from everyday" does not worry me---I am detached :)
 I think you are wrong if you think that definition 1) somehow
 inevitably implies identity-based management.)

I can only say what I think is wrong with definition 2) ... I do not
understand it. What is "source of authority"? A subject that passes a
capability to another subject and thus raises its authority? How is
this connected with authenticity?

Sincerely
-- 
Matej Kosik

