Date: Sat, 16 Dec 2017 15:30:12 +0100 From: "e@...tmx.net" <e@...tmx.net> To: passwords@...ts.openwall.com Subject: Re: Authentication vs identification On 12/16/2017 03:21 PM, Denny O'Breham wrote: > A token in a cookie. The user did not give the info in the cookie, it > was put on his computer by the website, he doesn't even know it > exists, yet it is used each time he makes a request during his session > for authentication. a user and a browser are FALSE ENTITIES in this problem. the interaction is between the client and the server. the client authenticates self -- regardless of the technical routines going on on the client side, they are irrelevant to the problem altogether. > > On 12/16/17, e@...tmx.net <e@...tmx.net> wrote: >>> Although authentication typically requires the active participation of the >>> prover, while identification may not, that is not the crucial distinction. >>> It would be a mistake to define the difference in those terms. >> >> a counterexample? >>
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.