On Thu 2001-12-06 (13:31), Ryan Russell wrote:
> uin is connecting to it. It's intended to be a weak
> authentication scheme, though it's basically useless, since it's
> info supplied by the client.
As one will see this quite often, the recent rfc1413 defining it is
worth reading (and nice to read). Obsoleting rfc931 it renames the
protocol from "Authentication" to "Identification Protocol".
Primary purpose nowadays IMHO is to provide the admin of the system
running identd with information if someone having done ident lookups
contacts him. Or set up things in cooperation, since as pointed out
the information is just as trustworthy as the answering system (and
the link, ok). BTW: identd may reply with crypted tokens as well.
--
MfG/best regards, helmut springer "Freedom's just another word
for nothing left to lose"
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Dec 07 2001 - 13:45:48 PST