Subject: Re: CVS commit: src (identd -L)
To: None <tech-userlevel@netbsd.org>
From: Greg A. Woods <woods@most.weird.com>
List: tech-userlevel
Date: 05/20/1999 14:26:17
[ On Wednesday, May 19, 1999 at 17:07:42 (+0200), Alan Barrett wrote: ]
> Subject: Re: CVS commit: src (identd -L)
>
> I think that we should enable identd in encrypted cookie mode by
> default.

I do too, now that this feature is available.  However this would
necessitate getting a unique and hard-to-guess key in place so that the
default install didn't overly compromise the privacy of the machines
with this default configuration.  Perhaps is rnd(4) were enabled by
default one could grab a key from /dev/random during the initial system
configuration.  I don't know if this would be unique enough across
similar system installs, but perhaps it would.  Certainly the install
process could print a warning that a supposedly random key was used for
this purpose.

One must remember to version control the identd key file in a secure
manner too else the returned cookies may be useless (and to make sure
the cookie is accompanied by a timestamp, of course).

> If my host is sufficiently secure, then *I* can trust what *my* ident
> server says, but if my host is an insecure PC or Mac then I would be
> stupid to trust what my ident server says.  Regardless of whether or
> not my host is secure, nobody else should try to assign any meaning
> to what my ident server says.  The only thing somebody else should do
> with anything my ident server says is log it, in case it's useful to me
> later.

Precisely.  Regardless as to whether or not that was the original design
goal of the protocol, it *is* extremely useful for this purpose alone.
Consequently if you run a service that can be abused (such as a mail
server ;-) then you should perform and log IDENT queries for every
connection to that service in hopes that if your service is abused then
you can hand the cookie back to the admin of the source site and hope
they will extract suitable punishment.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>