Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!ig!bionet!agate!ucbvax!TWG.COM!galvin
From: galvin@TWG.COM (James M Galvin)
Newsgroups: comp.protocols.misc
Subject: Re: Proposed protocol for positive ID over Internet
Message-ID: <27904.606784987@twg.com>
Date: 24 Mar 89 23:23:07 GMT
References: <7361@phoenix.Princeton.EDU>
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: James M Galvin <galvin@twg.com>
Organization: The Internet
Lines: 12

> A. The server port (m at A) has true ID of the machine (B) connecting to it.
> B. The server port (m at A) has true ID of the port (n) connecting to it.

Whew!  Talk about assumptions.  Do you realize how sweeping these
assumptions are?

I will posit that if you can give me an environment where these two
assumptions are true, your protocol is unnecessary.  I say that because
any environment that supports the above two assumptions has so much
"security" in place it provides authentication by default.

Jim