[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Unidentified subject!



hi folks,

i run djbdns at a couple of sites and while it does not have any means
to dynamically update DNS information (that's *not* an advantage of
BIND, just look at their implementation), the datafile makes
programmed edits really simple.

I want to give my users the possibility to change their zone entries
(mainly for dynIP DNS). however, i would like to do so in a very
secure way.

let's say everything works on the server, all i need is a method to
authenticate a user and upon successful authentication, pass the IP
s/he used for the authentication on to a script that takes care of the
edit.

There exists a fake POP3 server that does exactly this (it always
serves an empty mailbox), but it's cleartext. I would like at least
SSL, and asymmetric authentication with certificates would be the
best.

i don't really have time to implement this myself, so i am wondering
if you guys know of such a tool. I have considered GPG-signed email,
but that strikes me as a little cumbersome for the task, and it
doesn't guarantee timely changes. I've thought about an SSL website
with a form that also exposes a simple interface via HTTP, and while
i like this approach, i don't think i am capable enough to implement
a CGI securely, at least not with the time I have at hand. is there
already such a system?

any thoughts are greatly appreciated!

-- 
Please do not CC me! Mutt (www.mutt.org) can handle this automatically.
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
NOTE: The pgp.net keyservers and their mirrors are broken!
Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc

Attachment: pgpmTLGv8G2vf.pgp
Description: PGP signature


Reply to: