From WebID Wiki


As we develop and refine the WebID document, we should be cognizant of the varying degrees of technical expertise of our intended audience. Some readers will have a solid foundation in the underlying technologies while others will only have a cursory understanding. Therefore, to ensure effective communication, we should be as clear and precise as possible. This section is a start at creating a listing of terms that can latter be turned into the document’s glossary. Note: it is worth checking the Identity Commons Lexicon

  • Access Control List (ACL): a listing, usually stored as records in a table, of what access rights, or authority, a given authenticated user has to a given object or sets of objects.
  • Authentication (AuthN or A1 or Au): the process of verifying that a given user is indeed who they claim to be. This is taken care of initially by the registration process and subsequently by the login script.
  • Authorization (AuthZ or A2 or Az): the process of verifying and managing the access rights a given authenticated user has to certain objects. This is usually accomplished through access control lists (see ACL above).

Note: The term auth is often used interchangeably for authentication or authorization. But there is significant differences in meaning between these two terms. So as not to confuse people, new terminology has been created to clearly differentiate between one or the other.

Because of this confusion, the process of authentication is now often referred to as A1, or AuthN, or simply Au. The process of authorization is now often referred to as A2, or AuthZ, or simply Az. Since authentication must come before authorization, the A1–A2 ordinality of the terms is evident.