I forgot to group reply this to netbsd-bugs also when I sent it, but
that's good because it probably belongs here anyway, and I also get to
fix a typo. 

Bill Sommerfeld wrote:
> 
> a BOF at the Danvers IETF).  BTW, the real reason for the S/key ->
> OPIE name change (according to Ran Atkinson of NRL) is that Bellcore
> has a trademark on S/key, and NRL's lawyers didn't want them to do
> anything which looked even remotely like trademark infringement..

Er, that's sort of what I said, isn't it? That the problem is the
tradmark and how Bellcore wants to enfore it?

> vs. when do we allow long-term passwords?"); I see no reason to hold
> up the change requested in PR953 for this.

I do, because it's not the best way to do it (especially since it uses
the "secure" keyword in an unanticipated way) and because I don't think
it's a good idea to change it one way temporarily.  If you want that
functionality now, grab the login mods from logdaemon.  They provide
what you want in a cleaner and more flexible way anyway. The way
logdaemon does it is pretty good, and is how I'd like to see NetBSD do
it too, except that it needs to unify the login.access and skey.access
facilities. They skey.access syntax is better, and with a few mods it
could serve both purposes.