Re: [hybi] hybi Digest, Vol 51, Issue 14

Scott Morgan <scott@adligo.com> Thu, 13 June 2013 17:18 UTC

Return-Path: <scott@adligo.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0AED21F99EF for <hybi@ietfa.amsl.com>; Thu, 13 Jun 2013 10:18:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t5JjbTtQW-OJ for <hybi@ietfa.amsl.com>; Thu, 13 Jun 2013 10:18:19 -0700 (PDT)
Received: from mail-vb0-x22e.google.com (mail-vb0-x22e.google.com [IPv6:2607:f8b0:400c:c02::22e]) by ietfa.amsl.com (Postfix) with ESMTP id 4672421F99EC for <hybi@ietf.org>; Thu, 13 Jun 2013 10:18:18 -0700 (PDT)
Received: by mail-vb0-f46.google.com with SMTP id 10so7063029vbe.19 for <hybi@ietf.org>; Thu, 13 Jun 2013 10:18:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=sfIrpJjiJFQYt2rxGZAOPujAlWVO+YTLyyXat4EKoQY=; b=NcmctsfGr7WtPhbC0JOlJplP5r+IAh01Y33HyNKkbx79BGqd0esy7JNUxKb/0ljM83 UOowaEx+qPeZ1wUCz86VCZBA3VT7XOOvL2REOQH6lD/K2tfRrdBcV3xEJmmJncEr9TNI otVVIDby6TB7dWM81mTkjmaFi3Z2fwSjpG7Py399cA2fHmSrYvz8Jfj3fd+7YusWJipB WVMBxmrL3Tk4gPEn6cHf0nx39cssDiFVDXrDQgp76nhmEeCYqYtXI5BJfGWWfggy4Wln yCtfQ+YUwtEogDGZ4/vLGM9Yy5E/SKLZpol4pPB/xlGDcSgbvoqBpNPyjbt97gOULL6g 4rpw==
MIME-Version: 1.0
X-Received: by 10.221.21.74 with SMTP id qr10mr728256vcb.25.1371143894449; Thu, 13 Jun 2013 10:18:14 -0700 (PDT)
Received: by 10.58.203.40 with HTTP; Thu, 13 Jun 2013 10:18:14 -0700 (PDT)
In-Reply-To: <CAHixhFo5EkvjLWzWqfaYBjOMw1DmS3k0Jm4kRVW8fTRvERNRxQ@mail.gmail.com>
References: <mailman.3.1369767603.10801.hybi@ietf.org> <CANEdHmgDD4OCQf009FijtEjU=LzhLoNLZHvXsBxgROmzAyR4+w@mail.gmail.com> <CAH9hSJYfhnmCOF7a9uovsYLObqdXwop35JB6r3PscFwfeO=R=g@mail.gmail.com> <CANEdHmi7Rvb0SinwVmRBEFJMsVW3bPeOn_3f4qB33NfeYBJj6Q@mail.gmail.com> <CAHixhFp0YoacRBB4AxqNv5YEN9hrqmm32MJ+3o9NcRO1ojN9KQ@mail.gmail.com> <CANEdHmhBk_Evwz9EEC85CY6u7Ca4tN+NQDePd67OvFz=tPuw9A@mail.gmail.com> <CAHixhFo5EkvjLWzWqfaYBjOMw1DmS3k0Jm4kRVW8fTRvERNRxQ@mail.gmail.com>
Date: Thu, 13 Jun 2013 12:18:14 -0500
Message-ID: <CANEdHmi2MpSH+U3ejVgjKcoZAfxsqoE9e8sv_7ze4ER=oNAvgA@mail.gmail.com>
From: Scott Morgan <scott@adligo.com>
To: Adam Rice <ricea@google.com>, hybi@ietf.org
Content-Type: multipart/alternative; boundary=001a1133a182c3cd5004df0c504a
X-Gm-Message-State: ALoCoQn999s11DwbYbkFodQToqiIIs1O9bPzwIKXy8zEOeOGW/8oe84HQIKelIauSHqKnfZM7gMr
Subject: Re: [hybi] hybi Digest, Vol 51, Issue 14
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2013 17:18:19 -0000

HI Adam,

   Thanks for your reply it really helped!

To clarify what I meant by "location based authentication"?
I mean three potential things and any combination of them;
A)  The user could be authenticated base on their location (where they are)
using session cookies or their ip address for implementation.

This one could be useful for blocking requests from locations outside of
your building/neighborhood/state/country exc

B) The location (again either by session cookies or ip address) of the user
in addition to other credentials (ie user id, password) is used to
authenticate the user.

This is the one that most banks use to make them more secure than just a
user id/password?

C) The location (again either by session cookies or ip address) of the user
is used to grant additional roles/privileges to the authenticate user
(however they authenticated).

Cheers and thanks again,
Scott