Re: Closing on shared-key authentication -Reply

Baber Amin <> writes:
> I am against this proposal also on the basis of separating application layer
> and ztransport layer issues.

But, as has been pointed out, the issue of separating application
layer and transport layer issues is irrelevant to the proposal.  If it
is in fact an issue of separating out authentication as being an
application layer issue, then the public-key authentication facilities
of TLS should be removed on the grounds that they are also in the
wrong layer.

Shared-key authentication is not fundamentally different from a
layering standpoint than any other authentication technology.  Any
layer in which it is appropriate to put in a public-key authentication
system it is also technically appropriate to put in a shared-key
authentication system.  Authentication is authentication.

_.John Gardiner Myers	Internet: jgm+@CMU.EDU
			LoseNet:  ...!seismo!ihnp4!!give!up

Received on Tuesday, 8 October 1996 14:36:56 UTC