Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CADRhWrCoqC_6bu5+ynSHjOC0eY3Jpdi00t8i75FZEOf=bvewOQ@mail.gmail.com>
Date: Sun, 17 Dec 2017 08:01:33 -0500
From: "Denny O'Breham" <obreham@...il.com>
To: passwords@...ts.openwall.com
Subject: Re: Authentication vs identification

«still, when i provide ma passport to a party that wants to ID me, i
do not ID myself, they do it to me.»

I could say the same thing about authentication:

«still, when i provide my password to a party that wants to
authenticate me, i do not authenticate myself, they do it to me.»

The proof about that is that even if I correctly give the right
password, one could still refuse to authenticate me. They do it to me.

«the original claim was about the auth requiring smthng.»

But to ID someone, I'm required to give something too: my name for
example.  If I don't do it - if I don't have an active participation -
they will never ID me.

What is the difference in my level of "participation" in giving my ID
or my password?

The true difference is that my ID can be known by anyone and my
password is only known to me.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.