IFX Mail Archive: Re: IFX> draft-moore-qualdocs-protocol-00.

Re: IFX> draft-moore-qualdocs-protocol-00.txt

From: pmoore@peerless.com
Date: Mon Aug 21 2000 - 17:23:43 EDT

  • Next message: Carl Kugler/Boulder/IBM: "Re: IFX> draft-moore-qualdocs-protocol-00.txt"

    You are quite correct - and I certainly believe we should explore certificate
    based authentication.

     Access control is more of a challenge - as far as I am aware (but I am probably
    wrong) there is no widely accepted mechanism for certificate based access
    control.

    "Carl Kugler/Boulder/IBM" <kugler@us.ibm.com> on 08/21/2000 02:09:47 PM

    To: ifx@pwg.org
    cc: (bcc: Paul Moore/AUCO/US)

    Subject: IFX> draft-moore-qualdocs-protocol-00.txt

    <!--StartFragment-->7 Security considerations
    QD presents an interesting challenge of balancing security and
    openness. Many of the envisaged uses of QD require confidentiality of
    the data . at the same time the receiver typically has no prior
    knowledge of the sender or the sending user. This last point will
    normally rule out all user-based authentication and access control.
    <!--EndFragment-->

    Comment: I don't think the receiver's lack of knowledge of the sender
    necessarily rules out all user-based authentication. Authentication is

     "the act of verifying the claimed identity of an individual,
     station or originator".

    Client-side certificates could be used for this. I think it's useful,
    because it would allow one to set up a Printer that is publicly, but not
    anonymously, accessible.

         -Carl



    This archive was generated by hypermail 2b29 : Mon Aug 21 2000 - 17:33:54 EDT