> it's no biggie... but if authentication, is it also going to cover > authentication between user and client (logging in to the client)? > doubtfully no, so perhaps something closer to 'single sign-on'? 'SSO-JIG'?
OK, Single Sign On JIG it is. I quite like that name. I'll repost the JEP soon. thanks -mike ----- Original Message ----- From: "Adam Theo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 01, 2001 2:39 AM Subject: Re: [JDEV] Distributed Authentication - thoughts people? > Michael Hearn wrote: > > > Hiya, > > > > Firstly, I'd like to make clear that I am well aware of the difference > > between authentication and authorization. The JIG says this: > > > > > > > > > > The rise of the Microsoft Passport system has demonstrated that users > > want and need authentication services on the net. In brief, distributed > > authentication allows you to login to the network once, and from that > > point on be recognised by all sites that conform to the standard. This > > is known as Single Sign-In. Passport however suffers fundamental > > limitations - this document is not really the place to discuss them - > > and Jabber can do better. > > > > Authorization is something different, as commented on below. The JIG > > would deal first with authentication, then moving on the authorization, > > to allow services to access aspects of the users account. Again, we > > would attempt to do this in a server transparent fashion, so that the > > users host doesn't necessarily have to be running a Jabber server - just > > any server that conforms to the protocol will do. > > > > > > > > > > I thought about calling it the auth jig, but I'm not sure how good a > > name that is. I decided upon authentication as this would be the primary > > focus, moving on to authorization later. I'm fine with changing it > > though, if people want me to. > > thanks -mike > > > > > > it's no biggie... but if authentication, is it also going to cover > authentication between user and client (logging in to the client)? > doubtfully no, so perhaps something closer to 'single sign-on'? 'SSO-JIG'? > > > > _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
