[716] in Kerberos
Re: authentication in news reading
daemon@TELECOM.MIT.EDU (pato@APOLLO.COM)
Tue May 9 16:55:56 1989
From: pato@APOLLO.COM
To: jordan@cs.columbia.edu (Jordan Hayes)
Cc: kerberos@ATHENA.MIT.EDU, nntp-managers@BERKELEY.EDU
In-Reply-To: jordan@cs.columbia.edu (Jordan Hayes), tue, 9 may 89 09:29:32
I've been thinking about this for a while, and it seems to me that a
Kerberized version of some new protocol (perhaps implemented in RPC
rather than an SMTP-like interface, so that a dummy server could be
built that would link directly into the client code to provide "local"
newsreading without changing anything but a Makefile) at first sounds
like the way to go, but administering a large list of who gets
permission to do what is likely to be a major headache.
For instance, you have class groups (cs160, for example) at Berkeley.
There would be a list of who gets to read it, who gets to post to it,
etc. It has to be kept on the kerberos server and needs to be
updatable rather easily by a large number of people (TA's, professors,
etc.).
For the Kerberos folk:
Does anyone have any experience with allowing an update facility to
large numbers of "somewhat trustworthy" people on large numbers of
access lists?
For the news folk:
Hasn't the time come for a library of routines to be written to do
news-ish tasks, both client and (multiple) server?
/jordan
The Apollo distributed user account management system provides this capability.
You can create any number of groups and associate different administrators with
each of those groups. Update access is available from any machine in the
network and the servers immediately propagate the information to all other
servers.
Apollo has shipped this product as part of base software in Domain/OS since
sr10 (July 1988) and has announced the product (under the name Passwd Etc) for
SunOS and Ultrix this week.
A general (dated) description of the system can be found in:
Pato, Joseph N.; et al. "A User Account Registration System for a Large
(Heterogeneous) UNIX Network", Proceedings of the Usenix Association Winter
Conference, 1988.
More recent information including new enhancements will be available from
Apollo sales offices.
Joe Pato UUCP: ...{attunix,uw-beaver,brunix}!apollo!pato
Apollo Computer Inc. NSFNET: pato@apollo.com
-------
