This is just one of many annotation system issues.

Authentication

Authentication is primarily used to verify that the annotation author is who they say they are. To a lessor extent, authentication is used to verify the authorship of the original document.

The following schemes come to mind:

None
Avoid the issue. This is actually a viable solution if the annotations are stored on the annotation author's machine or if annotations are immutable (can not be modified.)

Internet Address
Use the internet address to decide whether someone can modify a document.

E-mail Address
Whenever an annotation is created or edited, that fact can be relayed to the annotation owner via E-mail. If an author receives E-mail about a change or creation that they did not make, extra action can be taken to correct the problem.

Password
Use a password to verify the author. Passwords can be snooped and/or cracked. Also, people tend to be lazy and only use one password so they can remember it.

Public Key Cryptosystem Authentication
Use public key cryptography in conjunction with message digest algorithms to verify the authenticity of an annotation. There are patent and export control issues associated with this one.
What other ones have been missed?


This file, version 1.2 of authentication.html, was last updated at 21:14:23 on 95/09/15.

Copyright (c) 1994,1995 -- Wayne C. Gramlich. All rights reserved.