Re: Suggestion for improved identD

["Jay R. Ashworth" <jra () scfn thpl lib fl us>]

On Thu, May 21, 1998 at 01:19:41PM +0800, Adrian Chadd wrote:
> When I implemented the forced ident setup, if a user had a static IP, then
> the ident was passed through. Only if they were a dynamic IP dialup client
> would the ident be forced.
>
> The idea here is not to provide a username. Its to provide a method of
> identifying a dialup user, in a way that doesn't change with each login.
> Since most things already query ident, then why not go this path and make
> ident 'trusted' on dynamic IP NAS connections?

Ok, I almost like this.

The only problem I can see is when the dynamic dialup user is still a
linux box... but in that case, the administative control _still_ vests
in the subscriber.  How about: proxy intercept the ident port and
return something based on the dialup ID unless a) the port is a static
connection or b) the user has specifically requested to do their own
identing.  Now, it would be nice to be able to tag which idents come
from the proxy and which don't... but we're getting into signed-identd
territory now.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra () baylink com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
Tampa Bay, Florida             on alt.fan.heinlein             +1 813 790 7592

Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com