Report on 1003.6: Security Extensions
Jerry M. Carlin
jmcarli at ns.PacBell.COM
Sat Jun 29 01:52:49 AEST 1991
Submitted-by: jmcarli at ns.PacBell.COM (Jerry M. Carlin)
The BIG problem I see with 1003.6 is lack of I&A; identification and
authentication. What has been lacking for a LONG time is decent login.c,
passwd.c etc functionality including ability to develop local rules
passwords. We've seen a number of reimplementations of these functions
on the net precisely because the current ones are so bad & inconsistant.
The group has worked very hard on things that I see as having little if
any commercial usefulness such as MAC. I suppose MAC will be useful to
sell to the government but MAC is not useful to the world of applicatons,
transactions and databases.
This is like building a vault but putting no lock on the door or at least
leaving it to someone else to worry about the lock.
I'm not sure if P1003.6 committee is coming up with a horse, camel or
genetic combination but it sure has no head!
--
Jerry M. Carlin (415) 823-2441 jmcarli at srv.pacbell.com
To dream the impossible dream. To fight the unbeatable foe.
Volume-Number: Volume 24, Number 30
More information about the Comp.std.unix
mailing list