Path: utzoo!attcan!uunet!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!decwrl!shelby!CS.COLUMBIA.EDU!jordan
From: jordan@CS.COLUMBIA.EDU (Jordan Hayes)
Newsgroups: comp.protocols.kerberos
Subject: authentication in news reading
Message-ID: <8905091329.AA11693@cs.columbia.edu>
Date: 9 May 89 13:29:32 GMT
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 26

I've been thinking about this for a while, and it seems to me that a
Kerberized version of some new protocol (perhaps implemented in RPC
rather than an SMTP-like interface, so that a dummy server could be
built that would link directly into the client code to provide "local"
newsreading without changing anything but a Makefile) at first sounds
like the way to go, but administering a large list of who gets
permission to do what is likely to be a major headache.

For instance, you have class groups (cs160, for example) at Berkeley.
There would be a list of who gets to read it, who gets to post to it,
etc.  It has to be kept on the kerberos server and needs to be
updatable rather easily by a large number of people (TA's, professors,
etc.).

For the Kerberos folk:

Does anyone have any experience with allowing an update facility to
large numbers of "somewhat trustworthy" people on large numbers of
access lists?

For the news folk: 

Hasn't the time come for a library of routines to be written to do
news-ish tasks, both client and (multiple) server?

/jordan