I'm unclear what distinction you're drawing between "identify" and "authenticate." "I am who I say I am," is the sum total of authentication. Everything beyond that gets into authorization.
"I am FOO." = Identification "This is proof I am FOO" = Authentication On Sun, May 18, 2025 at 11:28 AM William Herrin via NANOG < nanog@lists.nanog.org> wrote:
On Sun, May 18, 2025 at 8:02 AM brent saner via NANOG <nanog@lists.nanog.org> wrote:
Transports in SMTP do not authenticate, they identify (if at all).
Hi Brent,
I'm unclear what distinction you're drawing between "identify" and "authenticate." "I am who I say I am," is the sum total of authentication. Everything beyond that gets into authorization.
Which now that I think about it sounds a lot like there's a layer violation in giving TLS certificates a "for this purpose" tag at all. I knew there was a reason I didn't like it but I was having trouble putting my finger on it.
Regards, Bill Herrin
-- William Herrin bill@herrin.us https://bill.herrin.us/ _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/JSL25WHJ...