[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DotGNU]password and walet facilities in KDE
From: |
Gopal.V |
Subject: |
Re: [DotGNU]password and walet facilities in KDE |
Date: |
Fri, 21 Dec 2001 02:23:56 +0530 |
User-agent: |
Mutt/1.2.5i |
Hi,
> Why can't the user's own machine offer roaming access.
> In fact, I do it all the time. Apachie runs a small
> private web server that I use to access my home
> network while away. The only problem that dial-up
> users have is no continuous net access. And that can
> be solved with something like UServe.
From what I read about UServ, it offers persistant
content by replication of data. But I *don't* want my
passwords to be stored on an untrusted machine. M$ is
providing a secure (what they call secure) server to
store this. How do I trust Userv when it puts away
valuable/sensitive data like passwords in some remote
untrusted machine where it might be compromised.
Updation of data in UServ is a major issue. It's
great for static HTML pages that change once in a while.
But my password list is added to/modified on a day to day
basis. So how do I update all the other nodes hosting my
data everyday ?.eg in Gnutella, I have seen various versions
/incomplete data etc will UServ be any better ?
The best solution is to provide LDAP style roaming access
with good access controls. Just like Jabber manages the Roster
list, protected by a password. This looks more like a browser
based single login scheme which is more secure than the passport
scheme. Also this does not need any change in the webpage to
use this new scheme.(no application = no ASP =lower costs)
Gopal.V
--
The difference between insanity and genius is only measured by success
//===<=>===\\
|| GNU RULEZ ||
\\===<=>===//