tgt@cbnewsg.cb.att.com (Tim Thompson) (02/07/91)
[ I'm sure I'm going to regret opening this can of worms, but. . .] We're looking to expand the scope of our NNTP service within Bell Labs. One of the requirements before doing so, however, is having the ability to make sure that those using our centralized NNTP servers are in fact authorized to do so. I've seen the currently existing AUTH stuff in NNTP 1.5.11, but having to maintain a file on each client with the password in plain text isn't going to fly with our security folks. I've also just read the NNTP Version 2 DRAFT RFC which Brian Kantor posted to news.software.nntp. I like what I see in this from an initial (and somewhat cursory) reading, but I also have a need to provide some level of user authentication now. I vaguely remember the auth package provided by Dan Bernstein, but am not sure it it fits the bill for what I need to do locally. What have others done to resolve this issue? Surely I'm not the only one who has this need. Any and all e-mail on the subject appreciated. Tim Thompson tim.g.thompson@att.com