Re: [DotGNU]password and walet facilities in KDE

[Gopal.V]

Hi,
> Why can't the user's own machine offer roaming access.
>  In fact, I do it all the time.  Apachie runs a small
> private web server that I use to access my home
> network while away.  The only problem that dial-up
> users have is no continuous net access.  And that can
> be solved with something like UServe.    
        From what I read about UServ, it offers persistant 
content by replication of data. But I *don't* want my
passwords to be stored on an untrusted machine. M$ is
providing a secure (what they call secure) server to 
store this. How do I trust Userv when it puts away 
valuable/sensitive data like passwords in some remote 
untrusted machine where it might be compromised.

        Updation of data in UServ is a major issue. It's
great for static HTML pages that change once in a while.
But my password list is added to/modified on a day to day
basis. So how do I update all the other nodes hosting my
data everyday ?.eg in Gnutella, I have seen various versions
/incomplete data etc will UServ be any better ?

        The best solution is to provide LDAP style roaming access
with good access controls. Just like Jabber manages the Roster
list, protected by a password. This looks more like a browser
based single login scheme which is more secure than the passport
scheme. Also this does not need any change in the webpage to
use this new scheme.(no application = no ASP =lower costs)

Gopal.V
-- 
 The difference between insanity and genius is only measured by success
 //===<=>===\\
|| GNU RULEZ ||
 \\===<=>===//