-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alex van den Bogaerdt wrote:
Authentication can lead to authorization (or not). This does not
mean that authorization necessarily implies authentication.
SPF authorizes IP addresses. Of course this does not mean that SPF
authenticates IP addresses. SPF is supposed to authenticate _domains_.
Just because the concepts of authorization and authentication are not
identical and SPF includes the concept of authorization, that does not
mean that SPF cannot also include the concept of authentication.
Note that nowhere authentication occurs yet reputation works!
I always thought that authenticity was all about being able to take
something for what it appears to be.
You can't apply reputation without being sure that the identity at hand can
be considered authentic.
Am I misunderstanding what authentication is about?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCn6XbwL7PKlBZWjsRApufAKCYfO7RdcuT52Dm0UEVFaXBoMchdwCgpg/M
6iAnhT+yLMClWKj9DwcX0nM=
=wsJX
-----END PGP SIGNATURE-----