RE: [Asrg] C/R Framework

["Eric Dean" <eric@purespeed.com>]

>
> Introduction
> "Challenge Response systems intend to authenticate a sender's
> identity and
> determine if a sender originated a message to a particular recipient."
>
> Suggested change:
>
> Challenge Response systems intend to validate message origination for a
> designated recipient.

Yes, the by-product of post-midnight, caffeinated stupors is that sentences
make sense that in fact don't.

> Rationale:
>
> C/R systems may not be required to authenticate identity (perhaps
> they should
> not, that does not matter) however the basis intent is to
> validate using some
> mechanism (automated or manual) a messages originator, where
> origination may be
> a human or machine actor.  Additionally, the use of 'particular'
> connotes for
> me that any 'addressed' recipient may be the subject of
> 'determination'.  IMHO,
> the more appropriate term would be designated recipient as that
> for me connotes
> an association between the originator and the recipient.

agreed

> On a slightly different point, in my terms a sender and originator are
> functionally equivalent but since your paper also addresses
> possible machine
> actors I use the term originator as a semantic abstraction.
>
> <insert>
> Message Originator
>
>  An actor, human or machine, that causes the insertion of an
>  original or revised message into the message transfer system.
>
> Sender
>
>  The nomenclature used to designate a message originator or a
>  process acting as a origination point for a message in the MTS.
>  Sender is also a message header.
> </insert>


Would also be a good insertion into our taxonomy.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg