ietf-dkim

Re: [ietf-dkim] Comments on draft-ietf-dkim-rfc4871-errata-00

2009-01-30 09:11:52
On Fri, Jan 30, 2009 at 7:01 PM, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net> wrote:
Jem,

Responding with my own views, and expressed in a longer note than one might
wish, but a thorough review warrants a thorough response...

On reflection, "user" is indeed a very poor choice.  Client or consumer would be
more typical distributed processing label choices.  Perhaps there are other
choices?

"customer" seems to fit the bill

Your view that DKIM doesn't have any input or output, other than signing and
verifying is a much deeper disconnect.  I believe it represents a commonly held
view but that that is the source of many problems in discussing DKIM. Some years
ago, Ned Freed highlighted the distinction quite nicely, but I can't find his
original text.

If it helps clarify the situation a bit, I came across this
interesting article - clarifies "identity", "authentication" and
"authorization"

http://technet.microsoft.com/en-us/library/cc512578.aspx
It's Me, and Here's My Proof: Why Identity and Authentication Must
Remain Distinct
By Steve Riley
Senior Security Strategist
Security Technology Unit
Microsoft Corporation

May I suggest that those 3 terms be used here, extensively?  There's
a clear distinction between the three, and several parallels between
the security / PKI field, where identity management is a concern, to
this field.

srs
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html