From: Lucio De Re <lucio@proxima.alt.za>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] ATA next
Date: Thu, 22 Jan 2004 20:36:27 +0200 [thread overview]
Message-ID: <20040122203626.F28365@cackle.proxima.alt.za> (raw)
In-Reply-To: <25ce826aaa31b7b821046e74fd4c681b@plan9.bell-labs.com>; from David Presotto on Thu, Jan 22, 2004 at 10:53:26AM -0500
On Thu, Jan 22, 2004 at 10:53:26AM -0500, David Presotto wrote:
>
> There's no reason why imapd should run on an auth server.
> Lots of services change id (cpu, rx, ssh, ...).
>
Please pardon me, I'm being lazy, now. What I could probably figure
out by reading enough man pages and code is (a) why then the TLS
imap4d service is in /rc/bin/service.auth, implying that as a
trusted service it ought to run only on an auth service (there's
a clear indication that that is expected in the cpurc text) and
(b) does imap4d not need to be able to "speak for" the new user,
which is easiest achieved on an auth server?
Assume I still don't quite grasp all the complexities of Plan 9
authentication, it is just too subtle. I have checked what I
thought was pertinent, but I kept missing something indefinite.
Lastly, and again I assume I could figure this by myself, but a
superficial search led me to believe that there's someone out there
who can explain it a little better, what are the preconditions for
imap4d to operate correctly under TLS? According to the documentation
the certificate is generated on the fly by /rc/bin/service.auth/tcp993,
but I'm not altogether convinced :-( The directory /sys/lib/ssl
in which a cert may be stored certainly did not exist before I
created it. It has remained empty since :-(
Thanks to anyone who can shed some light on this.
++L
next prev parent reply other threads:[~2004-01-22 18:36 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-01-22 14:23 Lucio De Re
2004-01-22 15:22 ` jmk
2004-01-22 18:19 ` Lucio De Re
2004-01-22 19:13 ` jmk
2004-01-23 5:19 ` Lucio De Re
2004-01-23 9:11 ` Charles Forsyth
2004-01-23 9:37 ` Lucio De Re
2004-01-23 16:38 ` jmk
2004-01-23 16:47 ` C H Forsyth
2004-01-22 15:53 ` David Presotto
2004-01-22 18:36 ` Lucio De Re [this message]
2004-01-22 19:53 ` David Presotto
2004-01-23 5:55 ` [9fans] imap4d operation (Was: ATA next) Lucio De Re
2004-01-23 16:39 ` David Presotto
2004-01-22 20:10 ` [9fans] ATA next David Presotto
2004-01-23 7:11 ` Lucio De Re
2004-01-23 9:00 ` Lucio De Re
2004-01-23 16:37 ` David Presotto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040122203626.F28365@cackle.proxima.alt.za \
--to=lucio@proxima.alt.za \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).