[cap-talk] Definition of Authentication on wiki.erights.org

David-Sarah Hopwood david-sarah at jacaranda.org
Fri Sep 4 13:02:17 PDT 2009 

Rob Meijer wrote:
> The list has been quiet lately, unfortunately some interesting discussions
> seem to have died out prematurely. One of them is I feel an essential one,
> that of the definition of authentication.
> 
> As I stated in the discussion earlier, I feel that the definition in
> http://wiki.erights.org/wiki/Authentication (1) is overly complicating to
> explain, and quite possibly wrong.
> 
> In any case I've been using an alternative definition in talks I've been
> giving, that I stated earlier in the died off discussion.
> 
> I have been thinking about a clearer wording for the definition I have
> been using, and would like to suggest an alternative definition (2).
> 
> 1) "Given one end of a communication channel, an authentication procedure
>     establishes which principal is probably at the other end."
> 
> 2) "Authentication is the validation of a specific property of an object,
>     where this property must either be a source of authority, a source of
>     accountability, or both."
> 
> I personally feel that 1 is to far detached from every day usage of the
> word, is to much centered around use by the identity based mechanisms, and
> is complicating something quite simple by doing so.

Authentication absolutely is about identifying principals. In cases where
you don't need that, you don't need authentication.

When talking about more general cases of testing whether something is
valid according to some criterion, it's much clearer to say "validation"
(or "verification", or whatever).

The point about (1) is that it says something non-obvious and useful about
authentication, rather than just defining it circularly in terms of other
words that mean approximately the same thing. It is supposed to provoke the
reaction: "Aha! Now that I think about it, of course there is *always* a
communication channel involved."

> Am I the only one who sees a problem with 1? And whatever the answer to
> that, is 2 a good definition?

Definition 2 is just far too vague for me. I don't understand what
"a property [that is] a source of authority and/or accountability" is
supposed to mean.

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com

More information about the cap-talk mailing list