mirror of
https://gitlab.com/spritely/ocappub.git
synced 2024-11-26 15:13:02 +00:00
Rename "authentication" to "identity verification"
This commit is contained in:
parent
381fbce9a3
commit
029898482f
37
README.org
37
README.org
@ -60,8 +60,12 @@ not specified:
|
|||||||
# "clean agreement" on how to attach signatures *to* posts yet.
|
# "clean agreement" on how to attach signatures *to* posts yet.
|
||||||
# - authorization is not specified
|
# - authorization is not specified
|
||||||
|
|
||||||
- Authentication is not specified. Authentication is important to
|
- Identity verification is not specified.
|
||||||
verify "did this entity really say this thing".[fn:did-you-say-it]
|
("Identity verification" is the same as "authentication", but since
|
||||||
|
"authentication" sounds confusingly too similar to "authorization",
|
||||||
|
we are not generally using that term in this document.)
|
||||||
|
Identify verification is important to verify "did this entity
|
||||||
|
really say this thing".[fn:did-you-say-it]
|
||||||
However, the community has mostly converged on using [[https://tools.ietf.org/html/draft-cavage-http-signatures-11][HTTP Signatures]]
|
However, the community has mostly converged on using [[https://tools.ietf.org/html/draft-cavage-http-signatures-11][HTTP Signatures]]
|
||||||
to sign requests when delivering posts to other users.
|
to sign requests when delivering posts to other users.
|
||||||
The advantage of HTTP Signatures is that they are extremely simple
|
The advantage of HTTP Signatures is that they are extremely simple
|
||||||
@ -76,20 +80,19 @@ not specified:
|
|||||||
all users have a library for in their language, so Linked Data Proofs
|
all users have a library for in their language, so Linked Data Proofs
|
||||||
have not as of yet caught on as popularly as HTTP Signatures.
|
have not as of yet caught on as popularly as HTTP Signatures.
|
||||||
|
|
||||||
- Authorization is also not specified. (Authentication and
|
- Authorization is also not specified.
|
||||||
authorization are frequently confused (especially because in
|
As of right now, authorization tends to be extremely ad-hoc in
|
||||||
English, the words are so similar) but mean two very different
|
ActivityPub systems, sometimes as ad-hoc as unspecified heuristics
|
||||||
things: the former is checking who said/did a thing, the latter is
|
from tracking who received messages previously, who sent a message
|
||||||
checking whether they are allowed to do a thing.) As of right now,
|
the first time, and so on.
|
||||||
authorization tends to be extremely ad-hoc in ActivityPub systems,
|
The primary way this is worked around is sadly that
|
||||||
sometimes as ad-hoc as unspecified heuristics from tracking who
|
|
||||||
received messages previously, who sent a message the first time,
|
|
||||||
and so on. The primary way this is worked around is sadly that
|
|
||||||
interactions which require richer authorization simply have not
|
interactions which require richer authorization simply have not
|
||||||
been rolled out onto the ActivityPub network.
|
been rolled out onto the ActivityPub network.
|
||||||
|
|
||||||
Compounding this situation is the general confusion/belief that
|
Compounding this situation is the general confusion/belief that
|
||||||
authorization must stem from authentication.
|
authorization must stem from identity verification (again, partly
|
||||||
|
because "authentication" is often used for "identity verification",
|
||||||
|
and that term /sounds/ in English too similar to "authorization").
|
||||||
This document aims to show that not only is this not true, it is also
|
This document aims to show that not only is this not true, it is also
|
||||||
a dangerous assumption with unintended consequences.
|
a dangerous assumption with unintended consequences.
|
||||||
An alternative approach based on "object capabilities" is
|
An alternative approach based on "object capabilities" is
|
||||||
@ -544,12 +547,12 @@ In no way do Access Control Lists follow the
|
|||||||
to be able to sensibly trust their computing systems in this modern
|
to be able to sensibly trust their computing systems in this modern
|
||||||
age.
|
age.
|
||||||
|
|
||||||
To be sure, we need authentication when it is important to know that a
|
To be sure, we need identity verification when it is important to know
|
||||||
certain entity "said a particular thing", but it is important to
|
that a certain entity "said a particular thing", but it is important
|
||||||
understand that this is not the same as knowing whether a particular
|
to understand that this is not the same as knowing whether a
|
||||||
entity "can do a certain thing".
|
particular entity "can do a certain thing".
|
||||||
|
|
||||||
Mixing up authentication with authorization is how we get ACLs,
|
Mixing up identity verification with authorization is how we get ACLs,
|
||||||
and ACLs have serious problems.
|
and ACLs have serious problems.
|
||||||
|
|
||||||
For instance, consider that Solitaire (Solitaire!) can steal all your
|
For instance, consider that Solitaire (Solitaire!) can steal all your
|
||||||
|
Loading…
Reference in New Issue
Block a user