ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: authentication or authorization?

2004-03-11 11:43:54
from [Hallam-Baker, Phillip] [Permanent Link] 

No, it is authentication.

Confusion with SMTP authentication is utterly irrelevant.


-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Hector 
Santos
Sent: Thursday, March 11, 2004 7:10 AM
To: Meng Weng Wong; ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: authentication or authorization?



I think we should get away from using "authentication" too.

SMTP authenticated sessions in the traditional SMTP sense 
means "login" and
more importantly allows users or senders to relay mail.

LMAP "authenticated" sessions are not for relaying mail.  I 
hope not!  :-)

I vote for  validated, permitted or even authorized sender.  But not
authenticated.

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com









----- Original Message ----- 
From: "Meng Weng Wong" <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com>
To: <ietf-mxcomp(_at_)imc(_dot_)org>
Sent: Thursday, March 11, 2004 6:47 AM
Subject: authentication or authorization?





I think the confusion between "authentication" and "authorization"
arises from perspective.

From the sender domain's point of view, the SMTP transaction is
authorized or unauthorized.

From the receiver's point of view, the sender is authenticated or
unauthenticated.

To the tall, the average man is short.

To the short, the average man is tall.

Therefore, mu.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Potential Work Item: New DNS resource records, Dave Crocker
Next by Date:  RE: Potential Work Item: New DNS resource records, Hallam-Baker, Phillip
Previous by Thread:  Authentication and Authorization, Hadmut Danisch
Next by Thread:  Re: authentication or authorization?, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]