[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: subjects in LDAP ACMs
At 08:32 AM 4/23/01, Cutler, James R wrote:
>Rather than "identified", it should be "authenticated", since this is, in
>fact, what is indicated. Authorization happens outside of the simpleSubject
>definition.
The authorized identity is not necessarily the same as the authentication identity and is not authenticated, per say, but asserted and approved
by some means as part of the authentication/authorization process.
I agree "authorization" happens outside of access control. It happens
prior. At least in RFC 2829 terminology.