North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Suggestion for improved identD

  • From: Jay R. Ashworth
  • Date: Wed May 20 12:13:04 1998

On Wed, May 20, 1998 at 08:26:28AM -0700, Dalvenjah FoxFire wrote:
> I hate to break it to you, but not everyone runs Win95 or a Niftee NT
> Box where people can forge ident to be whatever they please. Some of us
> actually run REAL multiuser operating systems where the ident can be trusted.
[ ... ]
> I don't want to hear any BS about how 'ident is unreliable' and 'ident
> can't be trusted'. If it's been properly set up such that the ISP controls
> what is returned rather than the user, or if the protocol is properly
> redesigned to guarantee this, it *WILL* be trustworthy. And a particular
> ISP can't be trusted to run a proper ident, then they get their entire
> network blocked.

I hate to point this out, Dal, but what is being asserted is that "the
operator of the ident daemon is not under the same administrative span
of control as I am".  _That_ is why we say that it "cannot be
trusted".  Trust has a _very specific_ meaning there.

It _might_ be reliable... but then again, it might not.  Unless _you_
have a _contract_ with the _guy at the other end_, specifying that
he'll run an authenticated ident server, and guarantee on pain of
indemnity that it's accurate, you can't call it _trustworthy_.

There _is_ a difference between that and _useful_, however.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
Tampa Bay, Florida             on alt.fan.heinlein             +1 813 790 7592

Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com