SSO authentication: a new approach

[John Good]

Ray -

I can't see that I would be willing to let
someone with one of your "weak certificates"
do much more than someone with an HTTP cookie.
I would not, for instance, let them have file
upload access (unless I wanted to be in the
business of supplying free storage to the
world).

- John


Ray Plante wrote:

> Hey Paul,
> 
> On Fri, 11 Mar 2005, Paul Harrison wrote:
> 
>>In the discussion so far of  "less-trusted" or "weak certificates" - 
>>what is actually meant is lower priviledges assigned to an identity that 
>>is still confirmed by reference to a CA signature, in just the same way 
>>that a "strong certificate" - i.e. as far as the cryptographic 
>>confirmation of the identity goes there is no difference.
> 
> 
> In my view of the idea of "weak certificates" is not simply an issue of 
> lower priviledges.  Consider your definition...
> 
> 
>>I still think that we should distinguish between trust (i.e. do we know 
>>that the entity is what it says it is - i.e. it has identity signed by a 
>>certificate authority that we know) ...
> 
> 
> With a weak certificate, we *don't* know that the entity is what it says
> it is.  We only know that the entity is the same entity as the last time
> it came around.  The point is that with a Weak CA, we cannot put full
> trust in it because it is easy for users to register false identities.
> 
> I sense that an underlying principle that you are trying to get at is that
> authentication and determining authorization are separate operations.
> If so, I agree whole-heartedly.  In the case of weak certificates, the
> CA that signs the cert can be used in part to assign priviledges.  
> 
> cheers,
> Ray