A clarification on XDM and DES

From: Dave Hill <ddhill_at_zk3.dec.com>
Date: Tue, 03 Jan 95 11:39:12 -0500

Just to clear up a question that was raised....

>
> The latest version of osf/1 (v3.0) has the ability to use XDM-AUTHORISATION-1
> (something I'm a little confused about because I thought this used DES encryption
> which us guys outside of the US don't get exported to us) for the Xserver process to
> authenticate clients.
>

XDM-AUTHORISATION-1 is indeed based on DES. Instead of a 'magic cookie'
which is passed over the wire (which can be very easily grabbed with
a network sniffer), XDM-AUTHORISATION-1 relies on a shared secret key
that is used to encrypt/decrypt the authorization string.

The use of DES by XDM is permitted under export rules as it is NOT a
general purpose encrypt/decrypt implementation, but is instead
restricted to authentication/authorization.

+-------------------------------------------------------------+
Dave Hill Unix Software Group
Mailstop: ZKO3-3/Y15 (dtn) 381-2985
Digital Equipment Corp. (603)881-2985
110 Spitbook Drive enet: ddhill_at_zk3.dec.com
Nashua, NH 03062-2698 decnet: gooey::ddhill
+-------------------------------------------------------------+
Received on Tue Jan 03 1995 - 11:39:58 NZDT
