Chapter 11. Authentication and Relationship Integrity

Authentication (often abbreviated as “authn”) is the process we use to recognize other entities online.

As Chapter 5 discussed, online relationships depend on knowing that you’re interacting with the same entity each time you connect. I’ve defined functional digital identity as recognizing, remembering, and responding to a person, organization, or thing online. Because of the proximity problem, we are forced to do this recognition without the familiar methods we use in the physical world. Put another way, the integrity of the relationship depends on the authenticity of each connection—being able to identify to whom or what you’re connected.

Authentication prevents outsiders from gaining fraudulent access to a system. It also protects the requester from identity theft. Ensuring that authentication is sufficiently robust is vital to the security and relationship integrity of a system.

Identification usually starts with declaring an identifier. Depending on the type of relationship and its uses, you may need to ensure the authenticity of that declaration. There are numerous methods for doing so.

The internet routes packets between machines. When email and other internet services were developed, their creators assumed that people were using a particular machine or domain, so no one needed a method for identifying people. This assumption is the reason emails are addressed to someone@some.domain. This worked well until the web caused ...
