Xref: utzoo sci.crypt:1444 comp.unix.wizards:13783 news.sysadmin:2024
Path: utzoo!utgpu!watmath!clyde!att!pacbell!ames!mailrus!csd4.milw.wisc.edu!leah!itsgw!steinmetz!uunet!ispi!jbayer
From: jbayer@ispi.UUCP (Jonathan Bayer)
Newsgroups: sci.crypt,comp.unix.wizards,news.sysadmin
Subject: Re: Yet Another useful paper
Message-ID: <384@ispi.UUCP>
Date: 30 Dec 88 13:58:32 GMT
References: <11013@ulysses.homer.nj.att.com> <2308@cuuxb.ATT.COM> <12750@bellcore.bellcore.com> <1988Dec26.151208.19016@ziebmef.uucp> <1302
Reply-To: jbayer@ispi.UUCP (Jonathan Bayer)
Organization: Intelligent Software Products, Inc.
Lines: 33

In article <276@gloom.UUCP> cory@gloom.UUCP (Cory Kempf) writes:
=In article <13022@bellcore.bellcore.com> karn@ka9q.bellcore.com (Phil Karn) writes:
=>					 The answer to that problem is a good
=>authentication scheme that would allow you to give your password only once
=>(when logging in to your "home" computer) which would then enable your
=>system to authenticate you to the other systems you use regularly on the
=>network. 
=
=Let's see if I have this right... you are going to allow the
=workstation that is sitting on my desk to convince another system that
=I am me, right?
=
=This workstation that I can bring down if I want, and bring back up in
=single user mode?  With me in the playing the part of root?  
=
=This workstation that will then lie for me if I ask it to? and tell
=your system that I am you?  Or just about anybody else?
=
=Really?


You missed the point.  In order for you playing the part of root to
convince the other system that you are root your root system will have
to have been identified to  the other systems as being allowed to become
root.  In other words, the authentication system will only authenticate
those ids which it has been told to do so.

JB
-- 
Jonathan Bayer				------------------------------------
Intelligent Software Products, Inc.	"The time has come," the Walrus said...
19 Virginia Ave.			------------------------------------
Rockville Centre, NY   11570	(516) 766-2867