RFC 426                  Reconnection Protocol              January 1973


   B. Imagine a scenario in which a user could use the same name and
      password (and perhaps account) to log into any server on the
      network.  For reasons of security and economy it would be
      undesirable to have every name and password stored at every
      site.  A user wanting to use a Host that doesn't have his name
      or password locally would connect to it and attempt to log in as
      usual (See Figure 2).  The Host, discovering that it doesn't
      know the user, would hand him off to a network authentication
      service which can determine whether the user is who he claims to
      be.  If the user passes the authentication test he can be handed
      back to Host which can then provide him service.  The idea is
      that the shuffling of the user back and forth between Host and
      Authenticator should be invisible to the user.

(a)  ______     for authentication      ______
    |      |                           |      |
    |      |<-----------+------------->| User |
    |______|            | /            |______|
      Host              |/
                        X
                       /|
        _______       / |
       |       |     /  v
       |       |<---
       |_______|
     Authenticator

(b)  ______                              ______
    |      |                            |      |
    |      |<--\              ^     /-->| User |
    |______|    \             |    /    |______|
      Host       \            |   /
                  ------------+--/
                              | /
                              |/
                              |
                             /|
                            / |
                           /  |  authentication
          _______         /   |  complete
         |       |       /    |
         |       |<------
         |_______|
       Authenticator

                              Figure 2

Thomas