[LWN Logo]

Date:	Tue, 26 Jan 1999 11:33:14 -0800
From:	Aleph One <aleph1@UNDERGROUND.ORG>
Subject:      Administrivia
To:	BUGTRAQ@NETSPACE.ORG

--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

        As you might have noticed, the signature of some PGP signed
messages sent to the list do not verify correctly, as was the case
yesterday with Wietse's email. Sometimes the signatures verify just fine.
This was the result of LISTSERV performing tabs expansion on messages,
a legacy of its mainframe roots (know of many mailing list management
software that performs ASCII to EBCDIC translation?). I've turned this
feature off. If all goes well this message with tabs will have a valid=20
signature.

	I am killing the SSH thread unless someone has anything new to
add. It simply comes down to the fact that SSH, like all other services,=20
must check all available authorization policies before providing its
service. But the large set of possible restrictions implemented by
different unix flavors (account expiration, password expiration, time
of day, source location, load, etc) almost assure that it will miss
some of them.

	This is something that PAM can alleviate, as ideally all=20
possible authorization policies could be implemented via PAM modules,
regardless of the service itself. Another solution is the use of
one of the available authorization servers (like the HP Presidum).

--=20
Aleph One / aleph1@underground.org
http://underground.org/
KeyID 1024/948FD6B5=20
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01=20

--MW5yreqqjyrRcusr
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: SzIIpkflPSYInfet4ew+lomFDtAmFF0t

iQCVAwUBNq4KaKIpBheUj9a1AQGelAP7BZ1+dMOacbnZoV0jXFWCX6DL4uADqRDw
TxBhr3M6VfHoLgzexlHPTC58OpMHO6XnXaeK+WJeuQQAK/zPrKX9EQ533yur1YD+
VDwlkODy7ft1WssRMI3ZZk3cM9XsyNHeAuC7pEEoSj7SghzQKkykbfyB5iwPqbPo
cCfvwVJtRAA=
=53dr
-----END PGP SIGNATURE-----

--MW5yreqqjyrRcusr--