[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: anonymous & none in the ACM (Was: Comments Access Control Mod el - authentication levels 2)

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, George_Robert_Blakley_III@tivoli.com
Subject: RE: anonymous & none in the ACM (Was: Comments Access Control Mod el - authentication levels 2)
From: "Ramsay, Ron" <Ron.Ramsay@ca.com>
Date: Tue, 10 Apr 2001 11:53:36 +1000
Cc: ietf-ldapext@netscape.com

Isn't the store knowing your name actually a red herring? Who have you
authenticated to? The store? No, the bank. And you authenticated with name
AND password.

Ron.

-----Original Message-----
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: Tuesday, 10 April 2001 4:21
To: George_Robert_Blakley_III@tivoli.com
Cc: ietf-ldapext@netscape.com
Subject: Re: anonymous & none in the ACM (Was: Comments Access Control
Model - authentication levels 2)

At 12:52 PM 4/9/01 -0500, George_Robert_Blakley_III@tivoli.com wrote:
>X.500 was designed before privacy became an issue as big as it is today.
>Certainly "anonymous" and "unauthenticated" DO NOT mean the same thing
>in all cases -- for example if I use a debit (ATM) card at my grocery
>store, from
>the viewpoint of the store I am anonymous (they don't learn my identity,

Actually, the store does know your name... it might even
be printed on your receipt... my local store actually
makes a point in thanking customers by name after they
use their bank card.

Kurt

Prev by Date: Re: Authentication Levels for ACMs
Next by Date: RE: IP Address in the ACM (Was: Comments onAccessControlModel- BNF)
Index(es):
- Chronological
- Thread