I guess what's puzzling some people like me is what the security concept behind this arrangement really brings to the table. Authenticating machines connecting to the network is indeed useful, but in general it only serves to prove that the device has been accepted and possibly configured by IT (AV etc.).

I hope you don't mind me generalizing the discussion a bit: if the machines in question have entirely different functions and thus need specific users, this could for example be X-ray equipment that should only be used by authorized and trained personnel. This still seems to point to user authentication. If the computers OTOH are just ordinary but shared office computers, critical data should be server-based and protected by user access control. Thin clients are the most common solution to this fairly standard problem. Then it would rather be X.509 per user. As nothing is more secure than its weakest link, using passwords for getting machine access (and thus being authenticated in the sense that this concept expects...) doesn't appear to be an ideal solution. That the concept does not build on AD access makes me believe that this idea needs a revision or two, because administration is a core element of all security solutions and here we obviously have a lot of stuff to administer. Also, the word "federation" rings in my ear.

Anders Rundgren

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto