[gnso-rds-pdp-wg] Maybe some more terms? was : Definitions: Authentication and Anonymity

Andrew Sullivan ajs at anvilwalrusden.com
Tue May 16 04:17:58 UTC 2017


On Tue, May 16, 2017 at 03:16:00AM +0000, Greg Aaron wrote:
> 
> You can be anonymous but your access can still require authentication.  In Lisa's material below there's an example of an anonymous transaction that is authenticated.
> 

I feel like we may be sinking into a hole of terminological confusion
again, so perhaps we need to be a little more precise.

I think by "anonymous" what we mean is that the identity of the
originator of the query cannot be recovered under any circumstances.

I think there may be some equivocation on "authenticated" in the
discussion.  Some appear to mean "authenticated-identity".  The EWG
report takes care to talk about "authenticated users", as far as I can
see, so it seems that's what's at stake in that document.  But Greg is
talking about "authenticated-permissibility" or something like that:
the idea here is that you can authenticate that the requestor has the
right to make the query but not necessarily who the requestor is.  It
seems we need to distinguish between authentication and authorization:
I would call this mode of operation unauthenticated, provably
authorized queries.

We haven't been too careful about the distinction here.  I think most
of the time, what we're talking about is the authorization to access
certain data [fields] without any authentication, and then the
possibility that some other data fields are available depending on the
authentication of the requestor during the transaction.  (One can
think of "access tokens" as either a form of anonymous or maybe
pseudonymous authentication, or else a proof of authorization without
authentication.  I don't especially care how we want to describe this
as long as we recognize a distinction.)

We might like also to have available to us a definition of "persistent
pseudonymous", which is where it is possible to identify that the same
originator is responsible for different queries, but where the
identity of the originator is still not available.  (In most cases,
whois use today is actually of this variety: the whois server can tell
that it's the same source IP over and over, but without getting
co-operation of the user's ISP in time it is not possible to find out
exactly who it was that was making the query.)

I don't know whether additional terminological distinctions will help
us come to a conclusion, but at least they might help us not use the
same words in multiple ways :)

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com
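
The three modes distinguished in the message above (anonymous, "unauthenticated, provably authorized", and persistent pseudonymous), sketched as an added example that is not part of the original message or of any RDS or whois implementation. The token format, field names, key and function names are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"      # constructed sample key, not a real secret
PUBLIC_FIELDS = {"domain", "registrar"}   # assumed: fields open to any query

def _mac(body: bytes) -> bytes:
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest().encode()

def issue_token(fields, pseudonym=None):
    """Grant access to `fields`. The token names no person or organisation;
    an optional opaque pseudonym makes separate queries linkable."""
    claims = {"fields": sorted(fields)}
    if pseudonym is not None:
        claims["pseudonym"] = pseudonym
    body = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _mac(body).decode()

def check_token(token):
    """Return the claims if the server's MAC verifies, otherwise None."""
    try:
        b64, mac = token.split(".")
        body = base64.urlsafe_b64decode(b64.encode())
    except ValueError:                     # wrong shape or bad base64
        return None
    if not hmac.compare_digest(mac.encode(), _mac(body)):
        return None
    return json.loads(body)

def answer_query(record, token=None):
    """Return (visible fields, handle the server can link queries by)."""
    claims = check_token(token) if token else None
    allowed = set(PUBLIC_FIELDS)
    if claims:
        allowed |= set(claims["fields"])
    link = claims.get("pseudonym") if claims else None
    return {k: v for k, v in record.items() if k in allowed}, link
```

In this sketch the server verifies that the token is one it issued and what it permits, but learns an identity in none of the three cases; only the pseudonymous token gives it a handle for linking queries.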

