really what I hope will result is a better YP/NIS+/LDAP auth scheme.

really how do you add people to the network ?

if you use NIS then your passwords are *really* insecure ie $ypcat passwd and a bunch of workstations with libcrack & BIG dictionary on it(this was what they used at my local Uni I cracked most passwords within 3 days (150 ultra10s)).

so NIS+ or NIS can only be used on trusted networks really.

LDAP gets around the nasty's of having to have your workstations config'd right and being a Standard so that most dir severs can export the format the problem is how many servers out there have used this and you have to use a mish mash of tools, basically no central information on how to do it or nice integrated tools.

IF liberty provide tools for networks to exist that can authenticate network users across platforms securely we will have harmony.

libcrypt should be AES based and network should be redundant with ability to serve out to the net so someone loging into a domain can authenticate from another domain e.g. bob@bob.com should be able to log into sun1.jones.com if jones.com auth server allows him and com's with bob.com for the auth tokens

really it's time for network authenication to step up and become cross platform and out there !

regards

john jones