[339] in Kerberos
Terminology
daemon@TELECOM.MIT.EDU (Clifford Neuman)
Tue Mar 15 22:52:57 1988
From: bcn@JUNE.CS.WASHINGTON.EDU (Clifford Neuman)
To: steiner@ATHENA.MIT.EDU, kerberos@ATHENA.MIT.EDU
In-Reply-To: steiner@ATHENA.MIT.EDU's message of Mon, 14 Mar 88 18:43:40 EST <8803142344.AA06117@BACH>
I agree with Jennifer. It seems that the technical plan (dated 10
April 1987), uses authenticator to refer to just the piece of data
used to validate the ticket. Where both the ticket and the
authenticator is needed it says that both are sent. It does not name
the combination. This means that the only thing that doesn't
necessarily agree with this naming convention is a few references in
the code. Since many people have the Usenix paper, and quite a few
people have the technical plan, I think we should stick with that
terminology.
If my recollection of the history is correct, authenticator originally
refered to the combination. Since there was not originally a name for
the information used to authenticate the prinicpal other than that in
the ticket, people started refering to the additional information as
the authenticator. Relatively quickly, people started to explicitly
specify that they meant both the ticket and authenticator when they
meant the combination. This all happend before the first real cleanup
of the document, but after the initial code was written.
Since the time that people, other than Steve and myself, worked on the
code, ticket meant just that, authenticator was the additional
information, and the combination of the two was refered to as such,
and not named in itself.
If anything should be changed, the code should be made to agree with
the de facto usage of the terms. Language changes by use, not rule.
In this case, I think it was for the better.
~ Cliff
