On Friday 30 August 2002 13:11, Bill Studenmund wrote:
>
> You assume all auth modules will be using the network. One of the biggies
> I have in mind is something that would use dedicated hardware. Like
> securecards or some other thing. There you're talking to a local device,
> which will be around. While probably not super-common, these are the kinds
> of things that get added as site-mandates (i.e. if the site decides to use
> it, they tend to require ALL boxes to use it).

Mm.. just to point something out here: what percentage of our total userbase 
actually has (or even intends to use) a smartcard or hardware-based 
authentication device? And what makes you think that the drivers for 
smartcard or hardware-based authentication are going to be anything but 
one-offs for the people who use them?

And even if they are well-used; What companies are going to want to donate 
their hardware-specific security drivers back to the NetBSD project in source 
form for the rest of us to puzzle at (and exploit)? And even if they do--how 
much of the rest of the NetBSD population is going to own these devices and 
make use of the drivers?

I'd hate to end up with a framework that needs to be specially accommodated by 
the rest of us just to satisfy some numerically insignificant minority.

(In other words--this in particular is a bad reason. The other reasons I'm 
probably not qualified to comment on--this one I am. I realize we're 
meandering towards embedded devices but if that's the case, then say so--"The 
future is embedded devices and this is part of that direction.")