[lug] open port
rise
rise at knavery.net
Fri Mar 29 17:45:15 MST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 29 Mar 2002, Peter Hutnick wrote:
> To draw a parallel, it is like telnet. It can be used to good
> effect in some situations, but for the most part it is more of a
> liability than an asset. The simplest policy is to not use it.
Of course relying on ident for authentication is a risk and it
shouldn't be used for that purpose. Are you trying to suggest that my
sending "[mDuZ1/SK35uB/AOYXjdAGCMsIZSItcam]" as a response to an ident
query is a risk to me? Blindly running a clear-text ident server or
trusting any ident server is a mistake, but using ident properly
isn't.
If your "simplest policy" forbids me accomplishing something useful in
a way that violates no standards and puts me at no risk, why should I
follow it?
- --
Jonathan Conway rise at knavery.net
history is paling & my surge protection failed, & so I FRIED
- Concrete Blonde, "Fried"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6
iD8DBQE8pQqlx9v8xy9f0yoRApzVAJ9HgQK2iQ4I5g3kIX/4DfJWpmkQJgCfSweE
gvEBzoCXFi26wgOaQdDHI2s=
=rIfF
-----END PGP SIGNATURE-----
More information about the LUG
mailing list