From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>
...
For the record, the value in separating authentication and authorization
is uniquely a function of an environment where there is a great variation
in the rights which individuals may hold. In environments where there is
no such variation in rights there is not an intrinsic value in
authentication as a distinct step.
That's right. In an isolated corporate network where central
administrators are responsible for all of the computers in the network,
authentication and authorization are the same. In that kind of network
is no difference between code the central operators sign (or is signed
on their behalf) and authorized code.
However, the Internet or even a large university is a different kind
of universe. Microsoft or any outfit can be expected to sign some
code whose installation and operation is authorized by the owners of
some computers, not authorized, on other computers, and worse, only
partly authorized on still other computers.
The distinction is relevant to signed spam filtering code. If it were
technically feasible, might the U.S. Dept. of Defense might ask a vendor
of spam filters to auto-update its customers filters to affect mail in
arabic to or from computers in a particular time zone or with other
characteristics? How about a filter that affects mail about organizations
that the Chinese government does not like? I think the answer to both
questions is "Of course!" Such filters would be authenticated by the
shrink-wrap box vendor but entirely unauthorized.
If you can't learn to moderate your language could you possibly try
to understand that just because people don't observe the limitations
the litterature may contain does not make them ignorant or 'frauds'.
What better words are there for those who say by their words and
products that there is not "a great variation in the rights which
individuals may hold" in the Internet? The decades of security problems
in DOS, Windows, and Windows XP/2000/NT as it is configured by default
are caused in large part by the [you pick the word] and entirely false
assumption that is no "great variation in the rights which individuals
may hold" on computers running Microsoft software.
No useful anti-spam system can ignore the fact the spamishness of a
message or class of messages cannot be centrally defined and that there
are those vast variations among individual email recipients and system
operators.
I've intentionally avoided the issue of whether that signed code has
been reviewed by Lampson and Needham instead of whoever has been
reviewing Microsoft products for the last 20 years.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg