Subject: Re: BPG call for use cases
To: Curt Sampson <>
From: Martin Husemann <>
List: tech-security
Date: 07/22/2005 11:15:38
On Fri, Jul 22, 2005 at 05:55:47PM +0900, Curt Sampson wrote:
> First of all: my fault; I was saying identity when I ought to have been
> saying "User ID". Whether you understood "identity" to be "User ID" and
> your description above is incorrect, or you're incorrectly calling user
> IDs "eMail addresses," I'm not sure.

I was just not using your vocabulary ;-)

"Identity" might not be the proper word, in the natural (non cryptographic)
context. I was thinking of a person, for example, as a single, unique entity.
IMHO abstract entities, like role acounts (NetBSD security officer) are
non-obvious, so the argument does not apply. And "User ID" == "eMail
address", just because that is exactly how *I* use it (and what they look