Re: Clarification of when authentication is used

Fred Baker <fbaker@acc.com> Wed, 03 August 1994 15:50 UTC

Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa07020; 3 Aug 94 11:50 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa07016; 3 Aug 94 11:50 EDT
Received: from atlas.xylogics.com by CNRI.Reston.VA.US id aa09311; 3 Aug 94 11:50 EDT
Received: by atlas.xylogics.com id AA17475 (5.65c/UK-2.1-940401); Wed, 3 Aug 1994 11:51:05 -0400
Received: from fennel.acc.com by atlas.xylogics.com with SMTP id AA05205 (5.65c/UK-2.1-940401); Wed, 3 Aug 1994 11:50:47 -0400
Received: from by fennel.acc.com (4.1/SMI-4.1) id AB13688; Wed, 3 Aug 94 08:47:52 PDT
Message-Id: <9408031547.AB13688@fennel.acc.com>
X-Sender: fbaker@129.192.64.25
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Wed, 3 Aug 1994 08:47:52 -0800
To: Gary Scott Malkin <gmalkin@xylogics.com>
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Fred Baker <fbaker@acc.com>
Subject: Re: Clarification of when authentication is used
Cc: ietf-rip@xylogics.com

>> The thing is,
>> we've now mixed two very different applications with one mechanism.

>That's a good point.  I guess that, for simple password, you must
>authenticate the queries, lest you give away the password.  For MD5,
>you don't, by default, authenticate queries.  I guess the MD5 proposal
>should include a statement about an optional switch which may be used
>to turn query authentication, when using MD5, on.

OK

=============================================================================
                        "In sound wisdom there are two sides"
                                        Zophar, Job 11:6