Re: Milestone 2: authentication and authorization

From: Branko Čibej <brane_at_xbc.nu>
Date: 2000-12-15 00:28:22 CET

Karl Fogel wrote:

> Branko =?ISO-8859-2?Q?=C8ibej?= <brane@xbc.nu> writes:
>
>> (Just an aside here: authentication and authorization are not two sides
>> of the same coin, so we should be careful about using both terms in the
>> same breath. Authorization can be useful without authentication, and
>> vice versa. But I'm sure you now that.)
>
>
> I can understand authentication being useful without authorization,
> but the reverse still eludes me. How can you authorize anything
> without knowing who you're dealing with? (I guess you could put a
> blanket `read-only for everyone' permission on something, but that's
> pretty limited functionality).

Exactly. Or hide directory entries from a readdir. Or whatever. Indeed,
the FAT filesystem /does/ provide pretty limited functionality. :-)

> Anyway, yeah, they both begin with "auth" so that's a clear sign we
> should consider them together. :-)

Blame it on the Greeks again.

-- 
Brane ďż˝ibej
    home:   <brane_at_xbc.nu>             http://www.xbc.nu/brane/
    work:   <branko.cibej_at_hermes.si>   http://www.hermes-softlab.com/
     ACM:   <brane_at_acm.org>            http://www.acm.org/

Received on Sat Oct 21 14:36:17 2006

This message: [ Message body ]
Next message: Karl Fogel: "Re: CVS update: subversion/subversion/libsvn_fs txn-table.c"
Previous message: Bill Tutt: "RE: CVS update: subversion/subversion/libsvn_fs txn-table.c"
In reply to: Karl Fogel: "Re: Milestone 2: authentication and authorization"
Next in thread: Karl Fogel: "Re: Milestone 2: authentication and authorization"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]