Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!ccu.umanitoba.ca!herald.usask.ca!alberta!brazeau.ucs.ualberta.ca!unixg.ubc.ca!ubc-cs!uw-beaver!zephyr.ens.tek.com!uunet!uunet.UU.NET!sef
From: jmcarli@ns.PacBell.COM (Jerry M. Carlin)
Newsgroups: comp.std.unix
Subject: Re: Report on 1003.6: Security Extensions
Message-ID: <1991Jun28.192719.17816@uunet.uu.net>
Date: 28 Jun 91 15:52:49 GMT
References: <1991Jun28.093940.7185@uunet.uu.net>
Sender: usenet@uunet.uu.net (UseNet News)
Organization: Pacific * Bell
Lines: 24
Approved: sef@uunet.uu.net (Moderator, Sean Eric Fagan - comp.std.unix)
Originator: sef@uunet.UU.NET
Nntp-Posting-Host: uunet.uu.net
X-Submissions: std-unix@uunet.uu.net

Submitted-by: jmcarli@ns.PacBell.COM (Jerry M. Carlin)

The BIG problem I see with 1003.6 is lack of I&A; identification and
authentication. What has been lacking for a LONG time is decent login.c,
passwd.c etc functionality including ability to develop local rules
passwords. We've seen a number of reimplementations of these functions
on the net precisely because the current ones are so bad & inconsistant.

The group has worked very hard on things that I see as having little if
any commercial usefulness such as MAC. I suppose MAC will be useful to
sell to the government but MAC is not useful to the world of applicatons,
transactions and databases.

This is like building a vault but putting no lock on the door or at least
leaving it to someone else to worry about the lock.

I'm not sure if P1003.6 committee is coming up with a horse, camel or
genetic combination but it sure has no head!
--
Jerry M. Carlin	(415) 823-2441 jmcarli@srv.pacbell.com
To dream the impossible dream. To fight the unbeatable foe.


Volume-Number: Volume 24, Number 30