hi folks, i run djbdns at a couple of sites and while it does not have any means to dynamically update DNS information (that's *not* an advantage of BIND, just look at their implementation), the datafile makes programmed edits really simple. I want to give my users the possibility to change their zone entries (mainly for dynIP DNS). however, i would like to do so in a very secure way. let's say everything works on the server, all i need is a method to authenticate a user and upon successful authentication, pass the IP s/he used for the authentication on to a script that takes care of the edit. There exists a fake POP3 server that does exactly this (it always serves an empty mailbox), but it's cleartext. I would like at least SSL, and asymmetric authentication with certificates would be the best. i don't really have time to implement this myself, so i am wondering if you guys know of such a tool. I have considered GPG-signed email, but that strikes me as a little cumbersome for the task, and it doesn't guarantee timely changes. I've thought about an SSL website with a form that also exposes a simple interface via HTTP, and while i like this approach, i don't think i am capable enough to implement a CGI securely, at least not with the time I have at hand. is there already such a system? any thoughts are greatly appreciated! -- Please do not CC me! Mutt (www.mutt.org) can handle this automatically. .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system NOTE: The pgp.net keyservers and their mirrors are broken! Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc
Attachment:
pgpxlG1AOPVi3.pgp
Description: PGP signature