Re: 2 questions...

[Derek Atkins <warlord MIT EDU>]

Colin Walters <walters verbum org> writes:

> Seriously, what's the difference to the end user? 

Having to type their password first?
Having to restart gaim or psi or other apps because there's a
race condition between login and network startup?

> As far as technical implementation I don't see using cached credentials
> to be less "straightforward" than trying to do network configuration
> before login.

Caching credentials is a HARD problem.  How is PAM supposed to 
know my kerberos password, unless it stores it somewhere?  I don't
want PAM to store my _kerberos_ password.

Meanwhile, storing network passwords in a place that only root/NM
can get to it?  Not so big a deal in my mind.  These passwords
don't authenticate me, per se.  They just let me on the network.
I still need to use Kerberos, SSH, etc. in order to _do_ anything
on the network.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord MIT EDU                        PGP key available