[Gllug] identd -- any point?

David Damerell damerell at chiark.greenend.org.uk
Tue Jun 17 11:34:57 UTC 2003


On Tuesday, 17 Jun 2003, Rev Simon Rumble wrote:
>Is there any point to running identd?
>This guy seems to think it's pointless and possibly dangerous:
>http://www.clock.org/~fair/opinion/identd.html

This guy fundamentally misunderstands the point of identd. He believes
that system A requires system B to run identd so that when a user on
system B does something bad to system A, system A knows who it is. He
then correctly points out that this relies on the assumption that
system B is well-run, which is not a safe assumption.

That's not it. You should run identd on your system because you want
to be a well-run system; in order that, if one of _your_ users does
something bad, there's a chance the victim can help you identify the
culprit. This is why you should run an encrypting identd, whose
responses are not meaningful to the remote system, but when returned
to you can be used to identify the user at your end who is
responsible.

Requiring systems making connections to run identd is not a matter of
expecting that information to be valid; it's a simple reflection of
the fact that if the systems that _are_ well run all used identd the
world would be a better places, and it encourages them to do so.

-- 
David Damerell <damerell at chiark.greenend.org.uk> Distortion Field!

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list