Re: 2 questions...
On Mon, 2005-07-25 at 20:27 -0400, Derek Atkins wrote:
> Colin Walters <walters verbum org> writes:
> 
> > Seriously, what's the difference to the end user? 
> 
> Having to type their password first?
> Having to restart gaim or psi or other apps because there's a
> race condition between login and network startup?

These are apps that could use NM, but don't.  Admittedly it's tough to
expect the world to start using NetworkManager right away, but hopefully
more and more will soon.  But I believe the intention is that these apps
get patched or fixed to not act this way in the future.  

As far as the password prompt is concerned, most people won't notice
whether that is missing or not.  It's really a mystery to most people why and when
the computer asks for passwords, which is why Trojan horses and other
password stealers have been successful, while the people who do
understand authentication can usually spot these.

> > As far as technical implementation I don't see using cached credentials
> > to be less "straightforward" than trying to do network configuration
> > before login.
> 
> Caching credentials is a HARD problem.  How is PAM supposed to 
> know my kerberos password, unless it stores it somewhere?  I don't
> want PAM to store my _kerberos_ password.
> 
> Meanwhile, storing network passwords in a place that only root/NM
> can get to it?  Not so big a deal in my mind.  These passwords
> don't authenticate me, per se.  They just let me on the network.
> I still need to use Kerberos, SSH, etc. in order to _do_ anything
> on the network.

So this is kind of a rat hole of a discussion to get into, but... :-)

John Dennis wrote up this bit on ccreds [1] and as he says, "This
provides a good trade off between security and practical real world
access for mobile users."   

So this ccreds system provides the kind of user experience we're looking
for.  And I always say that if a better technical implementation can
pass the Turing test on our current user experience then I don't care
what changed.  The important part to me is the experience; if there's a
more secure way of doing things without crapping all over the fable
people I try to defend all day, so be it. :-)

Cheers,
~ Bryan

[1] http://www.redhat.com/archives/fedora-devel-list/2004-September/msg01038.html