[VOIPSEC] An issue of trust?
Geoff Devine
gdevine at cedarpointcom.com
Tue Jun 20 10:09:38 CDT 2006
Right. But people use "authentication" to mean both things and it is
often difficult to tell by context which one they are talking about.
I've seen this happen fairly frequently on this email reflector.
We live in an industry where our technical jargon is meant to be very
precise. It would be useful to have two different terms. Does anyone
have any suggestions?
Geoff
-----Original Message-----
From: stuart jacobs [mailto:stu.jacobs at verizon.com]
Sent: Tuesday, June 20, 2006 10:34 AM
To: Geoff Devine
Cc: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] An issue of trust?
Logging in is user or peer-entity authentication
per-packet trust mechanism is data origin authentication
On Jun 20, 2006, at 9:34 AM, Geoff Devine wrote:
> Andy Zmolek writes:
>
>> Splitting hairs about authentication vs. encryption
>
> <snip>
>
> I struggle with the terminology. The way I (mis?)use the term
> authentication, it can mean both:
>
> Logging In: IKE, Kerberos, SIP digest... I guess this is "session
> authentication"
>
> Per-packet trust mechanism: SHA1, MMH... I guess this is "packet
> authentication"
>
>> From context, it's not always obvious to me which one someone is
>> talking
> about. Are there better terms to distinguish between these two very
> different chunks of security technology?
>
> Geoff
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
========================================================
Stuart Jacobs, CISM, CISSP
PMTS - Sr. Technologist
Network Security
Verizon Laboratories
40 Sylvan Road
Waltham MA 02451-1128
(781) 466-3076
More information about the Voipsec
mailing list