Julian Assange wrote: > little call for it and a mountain of conceptual issues to deal with. A > few people have now petitioned (;) to have user authentication back > in, As do we. > *who* is being authenticated? the user? the server running nntpcache? user. > My view is that server side authentication is such a mire of issues, > that one should avoid it entirely, and let nntpcache handle all Agreed. > authentication requests without referral, but this in itself leads to > administration problems. i.e how does nntpcache get access to the > authentication data? /etc/passwd? nis? kerberos? tacacs? radius? What Create a sort of plug-in piece of c-code in which users can implement their own authentication calls. fi. we will be using radius only, and we have the code for inn's nnrpd ready by hand. Of course when we are ready we will publicize this code (first for squid). > if the nntpcache administrator doesn't have control over the news > server? How are these sub-systems configured and how to they > co-operate? Keep it simple: let nntpcache authenticate a *user*, what perhaps would be interesting is to have multiple authorization levels per user :-) > Comments welcome :) Well ok :-) Hans -- Ir. Hans Lambermont http://www.mpn.cp.philips.com/Hans.Lambermont TIS/INS, VN507 Hans.Lambermont@mpn.cp.philips.com Origin IT Systems Management/NL bv phone/fax: (+31 40 27) 85376/88729 PO Box 218, 5600MD Eindhoven, Netherlands GSM: (+31) 6 53252172
