As with many Internet-related phenomena, there
is no good reason to believe that a common system will
spontaneously prevail over others. Even if that happened,
there is no guarantee that it would not at some point be supplanted
by another future system, one better equipped for dealing
with some unforeseen evolution of the IT landscape. In
Chapter 2, we discuss a simple and straightforward solution to
this apparently very hard problem.
We devote the rest of the section to describing some notable
examples of nonpassword authentication schemes. In line with
the style adopted so far, we substantiate the abstract considerations
made previously with concrete facts that can come only
from a solid understanding of the underlying mechanisms and
protocols. Besides helping to make our point about the incompatibility
that afflicts today's authentication Babel, the following
descriptions introduce key concepts (such as security token and
federation) that will be instrumental in your comprehension of
Chapter 2. If you are not familiar with those notions, we suggest
you take the time to go through the next two sections.
Certificate-Based Client Authentication Schemes
In the section "PKI and Certificates," you saw how certificates
can relate one entity to its public key.