- From: Pete Wenzel <pete@seebeyond.com>
- Date: Tue, 23 Jul 2002 11:10:39 -0700
- To: Joseph Hui <Joseph.Hui@exodus.net>
- Cc: Hal Lockhart <hal.lockhart@entegrity.com>, www-ws-arch@w3.org
Thus spoke Joseph Hui (Joseph.Hui@exodus.net) on Mon, Jul 22, 2002 at 08:03:51PM -0700:

> >From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
> [snip]
> >1. I still maintain that Authentication is never an end in itself,
> > it is a step that collects data to be used in some other
> > decision.
> ...
> The point I made, as I recall, was to show the fallacy
> of "authN by itself was *never* enough" [Assertion A].
> ...
> here's one heartbeat app with a negative trigger.
> Every N seconds Alice sends an "I'm-alive" signal to Bob.
> By sharing a common secret, only Bob knows how to
> authenticate the signals from Alice. Bob will invoke
> Proc A if M heartbeats from Alice are missed.
> See? No authZ whatsoever,

But authentication of Alice's signal has a side-effect: it causes Bob to reset his watchdog timer-counter. Signals that cannot be authenticated as coming from Alice should not result in the reset behavior. In other words, we can say that Alice is authorized to reset Bob's counter (or, equivalently, that Alice is authorized to prevent Bob's execution of Proc A).

> not even Integrity or
> Encryption (as in the cases of H-MAC or dsig),
> was involved....

Yes, these have independent uses; clearly sometimes AuthN+AuthZ is enough. However, the heartbeat example doesn't demonstrate that AuthN is enough by itself, because there is more taking place than just AuthN.

--Pete

Pete Wenzel <pete@seebeyond.com>
SeeBeyond Standards & Product Strategy
+1-626-471-6311 (US-Pacific)
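The heartbeat watchdog discussed in this exchange, as an added example that is not code from the thread: Bob resets his miss counter only on signals that authenticate under the shared secret, and invokes Proc A after M consecutive misses, so the authentication result feeds a decision (the reset) rather than being an end in itself. HMAC-SHA256 as the shared-secret mechanism and the sequence number (so a captured old signal cannot be replayed to keep the counter reset) are assumptions; the thread names neither.

```python
import hashlib
import hmac

# Constructed secret for this example; assumed to be shared by Alice and Bob out of band.
SHARED_SECRET = b"example-shared-secret-between-alice-and-bob"
M = 3  # Bob invokes Proc A after this many consecutive missed heartbeats


def make_heartbeat(seq: int, secret: bytes = SHARED_SECRET) -> bytes:
    """Alice's side: an "I'm-alive" signal tagged with HMAC-SHA256 (assumed mechanism)."""
    msg = b"I'm-alive:%d" % seq
    tag = hmac.new(secret, msg, hashlib.sha256).hexdigest().encode()
    return msg + b"|" + tag


class Bob:
    """Bob's side: the watchdog whose counter is reset only by authenticated signals."""

    def __init__(self, secret: bytes = SHARED_SECRET, m: int = M):
        self.secret = secret
        self.m = m
        self.missed = 0          # consecutive intervals without an authenticated signal
        self.last_seq = -1       # highest sequence number accepted so far (replay check)
        self.proc_a_invoked = False

    def verify(self, signal: bytes):
        """Return the sequence number if the signal is Alice's and fresh, else None."""
        msg, sep, tag = signal.rpartition(b"|")
        if not sep:
            return None
        expected = hmac.new(self.secret, msg, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):   # constant-time tag comparison
            return None
        try:
            seq = int(msg.split(b":", 1)[1])
        except (IndexError, ValueError):
            return None
        return seq if seq > self.last_seq else None  # an old, replayed signal is rejected

    def tick(self, signal: bytes = None) -> bool:
        """One N-second interval; signal is what arrived (None if nothing). Returns Proc A state."""
        seq = self.verify(signal) if signal is not None else None
        if seq is not None:
            # The side effect Pete points at: successful authentication resets the watchdog.
            self.last_seq = seq
            self.missed = 0
        else:
            # Unauthenticated, forged, or replayed signals count the same as silence.
            self.missed += 1
            if self.missed >= self.m:
                self.proc_a_invoked = True
        return self.proc_a_invoked
```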
Received on Tuesday, 23 July 2002 14:11:12 UTC