bengta@sics.se (Bengt Ahlgren) (06/03/88)
I've read the ISO 7498 Addendum on Security Architecture carefully, but I don't quite understand what "peer-entity authentication" means. I see two possible interpretations of peer-entity authentication as a service of the (N)-layer:

1. The (N)-entity authenticates its peer (N)-entity;
2. The (N)-layer offers an authentication service to the (N+1)-entity, that is, the (N+1)-entities are authenticated.

I also have some difficulty in understanding how the "user" fits in. For example, a person wants to transfer a file from one open system to another with FTAM. Can, for instance, the transport layer authenticate the person for the other open system? Or is it always a task for the application layer? Or is this completely outside the scope of OSI security?

--
Bengt Ahlgren             Email:
SICS                      bengta@sics.se,
Box 1263                  bengta@sics.sunet (ean), or
S-164 28 KISTA, Sweden    ...!mcvax!enea!sics!bengta