Suggestion for improved identD
Jay R. Ashworth
jra at scfn.thpl.lib.fl.us
Wed May 20 15:57:29 UTC 1998
On Wed, May 20, 1998 at 08:26:28AM -0700, Dalvenjah FoxFire wrote:
> I hate to break it to you, but not everyone runs Win95 or a Niftee NT
> Box where people can forge ident to be whatever they please. Some of us
> actually run REAL multiuser operating systems where the ident can be trusted.
[ ... ]
> I don't want to hear any BS about how 'ident is unreliable' and 'ident
> can't be trusted'. If it's been properly set up such that the ISP controls
> what is returned rather than the user, or if the protocol is properly
> redesigned to guarantee this, it *WILL* be trustworthy. And a particular
> ISP can't be trusted to run a proper ident, then they get their entire
> network blocked.
I hate to point this out, Dal, but what is being asserted is that "the
operator of the ident daemon is not under the same administrative span
of control as I am". _That_ is why we say that it "cannot be
trusted". Trust has a _very specific_ meaning there.
It _might_ be reliable... but then again, it might not. Unless _you_
have a _contract_ with the _guy at the other end_, specifying that
he'll run an authenticated ident server, and guarantee on pain of
indemnity that it's accurate, you can't call it _trustworthy_.
There _is_ a difference between that and _useful_, however.
Cheers,
-- jra
--
Jay R. Ashworth jra at baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby,
Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
More information about the NANOG
mailing list