Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uunet!snorkelwacker!bloom-beacon!EXPO.LCS.MIT.EDU!keith
From: keith@EXPO.LCS.MIT.EDU (Keith Packard)
Newsgroups: comp.windows.x
Subject: Re: XDMCP does not allow desired policy for BroadcastQuery's
Message-ID: <9003010026.AA01440@xenon.lcs.mit.edu>
Date: 1 Mar 90 00:26:51 GMT
References: <2144@labtam.oz>
Sender: daemon@athena.mit.edu (Mr Background)
Organization: The Internet
Lines: 29


> The BroadcastQuery (and Query) packets could usefully contain the
> Manufacturer Display ID.  This is to allow policies to be a function
> of the display.

I'm assuming you're not implementing a display manager which refuses to
talk to some vendors X terminals :-)

The Manufacturer Display ID is used specifically to find the private key which
the display uses to authenticate the manager.  It was added for that purpose
alone.  This allows vendors which do not ship any sort of authentication scheme
to avoid the complexity of programming each terminal with its Display ID.

As the display manager receives the IP address of the display requesting
management, it can make policy decisions based on that.

I think this second scheme is actually more favorable than using the Display ID
-- you could program the display manager to accept ranges of IP addresses and
ignore other ranges; in this way you wouldn't have to reconfigure every display
manager each time a terminal was installed/uninstalled.

If you see some overwhelming advantage to using the Manufacturer Display ID
instead of the IP address, please explain it to me.

Xdm should support this sort of thing already; that it doesn't is because of
limited engineering resources, not a desire to use some other mechanism.

Keith Packard
MIT X Consortium