On Tue, 22 Feb 2005, Eli wrote:
> > I think you're missing the point. Anyone who *cares* about their
> > identd would be running encrypted tokens, and they cannot be faked
> > without an even more-serious security compromise.
>
> Interesting, never heard about encrypted tokens,
Oh dear. Google strikes again - this was its number 1 hit:
http://hepwww.rl.ac.uk/sysman/may98/af_security/tsld001.htm
I *did* say, didn't I, that this was some years back? As you see,
this was 7 years ago. An eternity in Internet years...
Anyway, the pertinent issue is
http://hepwww.rl.ac.uk/sysman/may98/af_security/tsld019.htm
and so on.
(But it's not just me who's saying it. I only made the mistake of
being at the head of the game in matters of web indexer accessibility.
My marmalade recipe suffers from the same problem ;-)
