[gnso-rds-pdp-wg] Taxonomy: Authorization and Authentication
Mark Svancarek
marksv at microsoft.com
Wed Jul 20 18:19:12 UTC 2016
We use these terms a lot and we also use phrases which mean things similar to these terms. I'd like to explicitly define them and I encourage all to use them as defined so as to be clear and concise. I think it will help.
* Authentication = based on the credentials you have shared (e.g. user name, password, SMS response, smart card, etc.), we know who you are
* Authorization = based on who you are, you are allowed to access specific resources and those resources only, i.e. we define what you can do
If you want to be extra-nerdy:
* Authentication can be abbreviated "authN"
* Authorization can be abbreviated "authZ"
* Authentication and Authorization together can be referenced as "authX"
I hope that's useful.
/marksv
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160720/f3b27bb9/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list