[ietf-dkim] Comments on draft-ietf-dkim-rfc4871-errata-00

Suresh Ramasubramanian ops.lists at gmail.com
Fri Jan 30 06:08:37 PST 2009


On Fri, Jan 30, 2009 at 7:01 PM, Dave CROCKER <dhc at dcrocker.net> wrote:
> Jem,
>
> Responding with my own views, and expressed in a longer note than one might
> wish, but a thorough review warrants a thorough response...

> On reflection, "user" is indeed a very poor choice.  Client or consumer would be
> more typical distributed processing label choices.  Perhaps there are other choices?

"customer" seems to fit the bill

> Your view that DKIM doesn't have any input or output, other than signing and
> verifying is a much deeper disconnect.  I believe it represents a commonly held
> view but that that is the source of many problems in discussing DKIM. Some years
> ago, Ned Freed highlighted the distinction quite nicely, but I can't find his
> original text.

If it helps clarify the situation a bit, I came across this
interesting article - clarifies "identity", "authentication" and
"authorization"

http://technet.microsoft.com/en-us/library/cc512578.aspx
It's Me, and Here's My Proof: Why Identity and Authentication Must
Remain Distinct
By Steve Riley
Senior Security Strategist
Security Technology Unit
Microsoft Corporation

May I suggest that those 3 terms be used here, extensively?   There's
a clear distinction between the three, and several parallels between
the security / PKI field, where identity management is a concern, to
this field.

srs

