It seems that src/libexec/identd was recently changed from pidentd to a
new implementation that does not support encrypted cookies.

Can we expect encrypted cookie support to be added soon?

I see no point in running an identd that returns lies (might as well
not run it at all), or in one that returns actual user names (that just
encourages people to treat the ident protocol as if it provided an
identification service -- which it does not except in some carefully
controlled cases -- and it leaks potentially sensitive information).  I
do (sometimes) want to run an identd that returns encrypted cookies
that I can decrypt later.

--apb (Alan Barrett)