Dear Vic Abell, Imagine you're coming to your president's room
Secretary: do you have an appointment? Mr. Abell: Yes, my name is Vic Abel Secretary gets your name and looks into timetable and finds required record (that's authorization is). Than she checks time and name are valid (it's authentication). Secretary: Oh, yes, Mr. Abell, you can come in. You can't authenticate user before you authorize him just because you don't know if information provided by user is valid or not. --Tuesday, July 16, 2002, 3:53:07 PM, you wrote to [EMAIL PROTECTED]: VA> I'm new to the Radius protocol, just having finished VA> implementing a module for access to a private VA> authentication service. VA> During development one thing struck me as odd: VA> authorization checks are done before the entity being VA> authorized is authenticated. VA> It's been my experience that before an entity is VA> authorized it should be asked to prove itself via VA> authentication. VA> Why does the Radius protocol reverse the order of VA> authentication and authorization? VA> Vic Abell <[EMAIL PROTECTED]> VA> - VA> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA ��� ����� ���� �����, � �������� ��� ���� ��� ����, ����� �� ������ � � ��� ��������. (����) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
