Domain: skills-1st.co.uk
Stories and comments across the archive that link to skills-1st.co.uk.
Comments · 8
-
Re:uh oh, there goes wikipediahttp://tecfa.unige.ch/~nova/img/spam-map.jpg -- Spam map
http://www.skills-1st.co.uk/papers/brunel-mirror/w orld-on-your-desktop/internet-map.gif -- Internet map (circa '94)
You'll notice that every nation on the Internet produces spam. Interestingly, in the US the cities that would be most affected by a "block by geography" policy would be LA, Seatle, Dallas, and New York. Spam originates in all nations that have Internet and is most densely located in areas that are most populated. Your policy may work on a case by case basis, but if someone were to block all emails I get from New York I think my boss would be pretty pissed. Korea I can live without, but none of my spam seems to come from there, it comes from client addresses that are scraped by US companies.
-
Re:I could be wrong...
From this page: http://www.skills-1st.co.uk/papers/afindlay.html
I found this an interesting examination of the subject:
"'Planning for an open-source entrant in the PKI interoperability trials' - the result of a feasibility study undertaken in May 2001. Details components that could be used to build an open-source entrant for the trials being conducted by CESG for the Office of the E-Envoy. The focus is on PKI functions to support signed and/or encrypted e-mail."
The paper is available in HTML and PDF:
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.html
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.pdf -
Re:I could be wrong...
From this page: http://www.skills-1st.co.uk/papers/afindlay.html
I found this an interesting examination of the subject:
"'Planning for an open-source entrant in the PKI interoperability trials' - the result of a feasibility study undertaken in May 2001. Details components that could be used to build an open-source entrant for the trials being conducted by CESG for the Office of the E-Envoy. The focus is on PKI functions to support signed and/or encrypted e-mail."
The paper is available in HTML and PDF:
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.html
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.pdf -
Re:I could be wrong...
From this page: http://www.skills-1st.co.uk/papers/afindlay.html
I found this an interesting examination of the subject:
"'Planning for an open-source entrant in the PKI interoperability trials' - the result of a feasibility study undertaken in May 2001. Details components that could be used to build an open-source entrant for the trials being conducted by CESG for the Office of the E-Envoy. The focus is on PKI functions to support signed and/or encrypted e-mail."
The paper is available in HTML and PDF:
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.html
http://www.skills-1st.co.uk/papers/planning-os-pki /paper-for-workshop-15-06-2001.pdf -
Re:OpenLDAP Schemas?
You are right about the lack of good material on schema design. I surveyed the web a few months ago and found very little (and some of what I did find was trying to treat LDAP as a relational database!).
As a result, I ended up presenting a paper on LDAP Schema Design at the UKUUG Winter Conference. The paper covers issues of tree design and also entry design, and explains why the examples used in X.500 and early LDAP documents are not indicators of good practice. The full paper is available from my own website in both HTML and PDF formats.
In answer to your question about existing classes and attributes, I suggest getting either GQ or jXplorer - both include schema browsers which can help you to understand the relationships between the various elements. GQ may be in your favourite Linux distro. jXplorer is Java-based and I have run it happily on both Linux and Windows. In both cases you need a running LDAPv3 server as the schema that they display is the "live" one.
Andrew Findlay, Skills 1st Ltd
-
Re:OpenLDAP Schemas?
You are right about the lack of good material on schema design. I surveyed the web a few months ago and found very little (and some of what I did find was trying to treat LDAP as a relational database!).
As a result, I ended up presenting a paper on LDAP Schema Design at the UKUUG Winter Conference. The paper covers issues of tree design and also entry design, and explains why the examples used in X.500 and early LDAP documents are not indicators of good practice. The full paper is available from my own website in both HTML and PDF formats.
In answer to your question about existing classes and attributes, I suggest getting either GQ or jXplorer - both include schema browsers which can help you to understand the relationships between the various elements. GQ may be in your favourite Linux distro. jXplorer is Java-based and I have run it happily on both Linux and Windows. In both cases you need a running LDAPv3 server as the schema that they display is the "live" one.
Andrew Findlay, Skills 1st Ltd
-
Re:Samba starter question?
As Steve Jobs would want, here are the 'Lickable Links':
To centralize auth you can use:
NIS/NIS+ + PAM
OpenLDAP + PAM and More
SAMBA + PAM
Advanced LDAP/Samba
PAM is the way to go -
Re:Samba starter question?
to centralize auth you can use
:
+ NIS/NIS+ + PAM -> http://www.tldp.org/HOWTO/NIS-HOWTO/index.html
+ OpenLDAP + PAM -> http://www.mandrakesecure.net/en/docs/ldap-auth2.p hp
http://www.skills-1st.co.uk/papers/security-with-l dap-jan-2002/security-with-ldap.html
+ SAMBA + PAM -> http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.h tml
http://www.mandrakesecure.net/en/docs/samba-ldap-a dvanced.php
PAM is the way to go -> http://www.kernel.org/pub/linux/libs/pam/