Re: ``WHY TAP?'': A White Paper
Anders Andersson <andersa@mizar.docs.uu.se> Fri, 14 August 1992 19:12 UTC
Date: Fri, 14 Aug 1992 21:12:33 +0200
From: Anders Andersson <andersa@mizar.docs.uu.se>
Message-Id: <9208141912.AA20516@Mizar.DoCS.UU.SE>
To: brnstnd@kramden.acf.nyu.edu, tytso@athena.mit.edu
Subject: Re: ``WHY TAP?'': A White Paper
Cc: ident@NRI.Reston.VA.US
Ted writes:
> [...] Again, the rest of the community
> does not benefit from a host running the ident protocol, because they
> have no way of knowing whether or not the host is actually sending back
> real usernames or not.

But does it matter to the IDENT client whether the identification tokens are real usernames or not? The purpose is to provide better granularity than just the IP address in the identification of the owner of a TCP connection in order to communicate that information when the need arises. This granularity is provided regardless of whether the tokens are real user names or some kind of encrypted identifier only understood by the server operator.

The benefit comes from being able to tell the remote operator which identifier was linked to a particular TCP connection. And, if the remote operator refuses to cooperate, installs a server that transmits random garbage rather than appropriate identifiers, or whatever else in that fashion, then of course there is no benefit to either party, but I suppose that is the case whenever any networking protocol is abused with respect to semantics. You can tell lies in any language...

However, I do agree that use of the IDENT protocol does not prevent (in the technical sense) SMTP mail forgeries, but rather helps tracing the forger. It may be regarded as a kind of 'social prevention' or deterrent if the would-be forger knows about the existence of IDENT on the host he intends to use, but if the forger is also the operator of his own host (such as in the PC case), he can of course continue to abuse his network access until his victims have excommunicated all the hosts he controls.

--
Anders Andersson, Dept. of Computer Systems, Uppsala University
Paper Mail: Box 520, S-751 20 UPPSALA, Sweden
Phone: +46 18 183170
EMail: andersa@DoCS.UU.SE
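An added example, not part of the original message: a sketch of the opaque-identifier case described above, where the server answers with a keyed token instead of a user name and only the operator can map a reported token back to a connection. The reply line follows the RFC 1413 response format; the key, the log entries and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed operator secret and connection log; all values are illustrative.
OPERATOR_KEY = b"constructed-demo-key"
CONNECTION_LOG = [
    # (local user, port on this host, port on remote host, unix time opened)
    ("alice", 6191, 25, 713819553),
    ("bob", 6204, 25, 713819601),
]


def make_token(user, local_port, remote_port, opened):
    """Opaque per-connection identifier: a keyed hash, meaningless without the key."""
    record = f"{user}|{local_port}|{remote_port}|{opened}".encode()
    return hmac.new(OPERATOR_KEY, record, hashlib.sha256).hexdigest()[:16]


def ident_reply(local_port, remote_port):
    """Build the reply line for a port pair, or an error if no such connection."""
    for user, lport, rport, opened in CONNECTION_LOG:
        if (lport, rport) == (local_port, remote_port):
            token = make_token(user, lport, rport, opened)
            # OTHER marks the identifier as something other than a plain user name.
            return f"{local_port} , {remote_port} : USERID : OTHER : {token}"
    return f"{local_port} , {remote_port} : ERROR : NO-USER"


def resolve_token(token):
    """Operator side: map a token reported by a remote site back to the log entry."""
    for record in CONNECTION_LOG:
        if hmac.compare_digest(make_token(*record), token):
            return record
    return None  # garbage or forged token: nothing to trace
```

The remote site only ever sees the token, yet two connections from the same host get distinct identifiers, which is the granularity the message argues for; a token that does not resolve corresponds to the "random garbage" case.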