[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Adrian Midgley wrote: | | How should this be implemented using FLOSS? | | Who should do the engineering?
It is relatively straight forward technically, people building LDAP servers just boost up multiple read only replica's to scale the technology.
Even the updates on a million users won't exceed modern technology, kind of like the DNS.
Delegation of DNS is for management and update reasons, the entire public DNS databases could probably be implemented on relatively small number of central servers these days, but no one is seriously proposing to do it that way (afaik).
The problem with a 1,000,000 user authentication scheme is management and scoping, what happens if it is compromised? All 1,000,000 peoples details go walk about. If it goes wrong do we have a million idle workers (ala DWP fiasco?). Who is going to understand and modify a system to meet a million users diverse needs?
The solution of course is to build local systems that interoperate using agreed standards. Moves the management headache into agreeing and controlling the standards.
The technical aspects of the problem are easy, I mean if AOL can do it.... I suspect there are probably ISPs out there who authenticate similar numbers of users using FLOSS already.
Integrating other systems is possible if your authentication is seen as a seperate modules (like PAM). But ISPs only have a limited scope in the systems they need to integrate, they only provide a gateway in to most of the systems their users need, and making that integration is probably the major technical headache for most ISPs.
Some of the ISPs are moving now to sharing authentication service out to other sites, so you can use the login at one site to access services at another. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCMiqaGFXfHI9FVgYRArNeAKCbSTverzj9zT/OnBP4YR11BwcHuQCgzu5Q 3Lv919olLABYSrlpNUfEiac= =EAAt -----END PGP SIGNATURE-----
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html