Authentication

Definition
Given one end of a transmission channel, an authentication procedure establishes which principal is probably at the other end.

Controversy over definition
The above definition (proposed by David-Sarah Hopwood in ) generated a long thread on the cap-talk mailing list, with some participants arguing that it does not cover cases where no channel is involved, or that it is too focussed on identity (however, note that "principal" as defined above is definitely not equivalent to an identity ).

The following alternative definition was proposed by Rob Meijer:

"Authentication is the validation of a specific property of an object, where this property must either be a source of authority, a source of accountability, or both."

but some participants found this to be too vague, and the meaning of "source of authority" and "source of accountablity" to be unclear.

At the time of writing, it seems that a reasonable compromise may be to use "principal authentication" for the first definition above, "validation" for cases of validating a property that are not covered by that definition, and let "authentication" refer to either.

Examples
Banknotes, for example, can also be viewed as having been sent by a transmission channel from the central bank. A banknote states that its holder has a certain amount of money. Banknotes are valid, if that statement is claimed by the central bank. Authentication of the banknote reveals whether this is the case.

Authentication is a routine process performed everytime a Debian user installs something with the apt-get command. The principal, in this case, is a group of Debian developers. Any software whose authentication fails is clearly marked and user has, for obvious reasons, has an option not to install it.