W3C home > Mailing lists > Public > ietf-tls@w3.org > July to September 1996

Re: Repost of CompuServe Position on Passphrases

From: Phil Karlton <karlton@netscape.com>
Date: Thu, 25 Jul 1996 10:55:47 -0700
Message-ID: <31F7B523.2781@netscape.com>
To: Don Schmidt <donsch@microsoft.com>
CC: "'John Macko'" <jmacko@nisa.compuserve.com>, "'Tom Weinstein'" <tomw@netscape.com>, "'ietf-tls@w3.org'" <ietf-tls@w3.org> 
> The distinction between whether the application server or the
> authentication authority knows the passphrase is much more than
> semantics.  

Another problem with using passwords is that it almost invariably allows
the administrator of the authentication authority to impersonate any
registered user. It makes accountability highly dubious.

PK
--
Philip L. Karlton		karlton@netscape.com
Principal Curmudgeon		http://home.netscape.com/people/karlton
Netscape Communications

	This kind of rotor is known as a squirrel-cage rotor
	because the way it's wound is like a bird cage.
Received on Thursday, 25 July 1996 14:03:46 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:50 EDT