Re: user security handbook change list
Klaus-Peter Kossakowski <kpk@work.de> Fri, 18 September 1998 19:28 UTC
Received: from po1.cert.org (po1.cert.org [192.88.209.10]) by ietf.org (8.8.5/8.8.7a) with ESMTP id PAA06715 for <ssh-archive@odin.ietf.org>; Fri, 18 Sep 1998 15:28:31 -0400 (EDT)
Received: from smtp.cert.org (smtp.cert.org [192.88.210.47]) by po1.cert.org (8.8.8/8.8.8) with ESMTP id PAA12242; Fri, 18 Sep 1998 15:26:47 -0400 (EDT)
Received: from po1.cert.org (po1.cert.org [192.88.209.10]) by smtp.cert.org (8.8.8/8.8.8) with ESMTP id PAA03396 for <ssh@smtp.cert.org>; Fri, 18 Sep 1998 15:22:17 -0400 (EDT)
Received: from muenster1.muenster.netsurf.de (muenster1.muenster.netsurf.de [194.64.245.33]) by po1.cert.org (8.8.8/8.8.8) with ESMTP id PAA12152 for <ssh@cert.org>; Fri, 18 Sep 1998 15:22:05 -0400 (EDT)
Received: from sn-pc063 (line46.muenster.netsurf.de [195.180.80.174]) by muenster1.muenster.netsurf.de (8.7.1/8.6.9) with SMTP id VAA28846; Fri, 18 Sep 1998 21:28:07 +0200
Message-Id: <3.0.1.32.19980918201800.006b82a4@rzdspc1.informatik.uni-hamburg.de>
X-Sender: kossakow@rzdspc1.informatik.uni-hamburg.de
X-Mailer: Windows Eudora Light Version 3.0.1 (32)
Date: Fri, 18 Sep 1998 20:18:00 +0000
To: Erik Guttman <erikg@ffm-home-1.Sun.COM>
From: Klaus-Peter Kossakowski <kpk@work.de>
Subject: Re: user security handbook change list
Cc: ssh@cert.org
In-Reply-To: <Roam.SIMC.2.0.6.905940964.12704.erikg@ffm-home-1.germany>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by ietf.org id PAA06715
Hi Erik, I agree with your changes and suggestions beside the points that follows ... As they are only in the glossary, consider them minor. Hey, seems the USH nearly made it :) Best regards, Peter > 7. Glossary changes: > > b. Authentication > > this term is required. How about: > >*** Authentication refers to mechanisms which are used to determine >*** the identity of someone. Authentication typically requires a >*** name and a password to be supplied. ... refers to mechanisms which are used to prove the identity ... determine is too weak from my understanding. It is really that someone can prove that the identity he claims to be really is he (very bad english, sorry) > c. Certificate > > we need a vernacular, not technical explanation here. How > about: > >*** A certificate is used to verify Digital signatures. Say an >*** Email message contains a digital signature that says "I am >*** from Bob." Bob's certificate is used to verify that the >*** digital signature is correct. A certificate is a digital signature on a public key of a user. Say an Email message contains a digital signature that says "I am from Bob." BobĀ“s key is used to verify that these digital signature is correct. But without getting the key from Bob directly, users have to rely on certificates certifying that the key actually belongs to Bob. Klaus-Peter Kossakowski, Germany Phone: (+49) 0171 / 5767010 Fax: (+49)02504 / 729420 kpk@work.de PGP: 0x38B56E3D/2048/RSA
- user security handbook change list Erik Guttman
- Re: user security handbook change list Klaus-Peter Kossakowski