---------- Forwarded message ----------
Date: Thu, 05 Oct 1995 12:16:12 +0100
From: Harald.T.Alvestrand@uninett.no
To: vac-wg@naic.nasa.gov
Subject: Re: vac-wg Skeletal framework for the protocol
If the object of encryption is to avoid snooping, steal the IMAP spec.
If the object of encryption is client/server authentication, steal the
MD5 authentication spec.
Don't steal the RADIUS protocol as it currently is; there's a large
security hole in it, I'm told, which renders it useless for something
that is going to be used over a wide area network with no intrinsic security.
It's probably one of the things that will change from the current RADIUS
spec to the spec that is output from the RADIUS WG.
I wrote a totally dain-bramaged client for this protocol (sans encryption)
that is currently running on domen.uninett.no, port 2345. Try it!
Its ratings are:
- size: smaller is better, anything below 1K is perfect
- sex: big GIFs are dangerous, small GIFs are OK, URLs with "sex" in
them are not.
Uses HTTP HEAD to gather information about URLs.
100 lines of PERL code, most stolen from other places. Elapsed time: 45
minutes.
So, now it is possible to implement a ratings-checking client :-)
Harald A
Harald A