> DH> Kerberos is far from an ideal solution itself.
 > 
 > Yep, but it at least does one thing well: authentication.  It's not
 > easy to administer, it's not terribly easy for users to understand,
 > and it doesn't handle administrative information (GECOS info,
 > username, UID, etc.), but at least it manages authentication well.

For some values of "well". I don't really want to get into this
argument, though.

 > I've been thinking for a long time of designing something to take the
 > place of yp, which could be installed alongside kerberos, but it seems
 > a very daunting project.

Hesiod?

-- 
   - David A. Holland             | (please continue to send non-list mail to
     dholland@cs.utoronto.ca      | dholland@hcs.harvard.edu. yes, I moved.)