On Wed, Jun 19, 2002 at 11:42:20PM -0500, Alex Hartman wrote:
>---- Original Message -----
>From: "steve ulrich" <sulrich at botwerks.org>
>To: <tcwug-list at tcwug.org>
>Sent: Wednesday, June 19, 2002 9:58 PM
>Subject: Re: authentication mechanisms (was: Re: [TCWUG] a call to limbs
>> when last we saw our hero (Wednesday, Jun 19, 2002),
>>  Carl Wilhelm Soderstrom was madly tapping out:
>> > >  - common authentication infrastructure - karl has offered a server to
>> > >  handle some of the elements associated with creating a common
>> > >  authentication infrastructure.  i suggest interested parties start
>> > >  hammering out designs for this element
>> >
>> > let's start by asking the fundamental question of 'what are we trying to
>> > here?'
I want wireless inet access wherever I go in the twin cities.  That is
my bottom line. (ATM that is ;))
>> i think that the basic goal here is to provide an authentication
>> mechanism that folks within the group can use to determine who they
>> want to share access with.
I believe strongly in karma.  However, if someone starts to take
advantage I certainly want to be holding the appropriate switches.
>> additionally, i think that it makes a lot of sense to provide simple
>> things like dns for these nodes to unify the infrastructure.
>well, what're they authenticating to? the hotspot or the infrastructure? if
>it's the hotspot, just run somthing like wingate and audit everything that
>comes through the air... if you're a unix nut, run
>ipchains/tables/ipf/pf/whatever you prefer.
mmmm unix nuts mmmm
>I think it'd be a good idea to start creating some subdomains for those of
>us with hotspots up in the air already. However, the naming scheme i don't
>think has been resolved. Mine at home is public.wireless.goobe.net - ssid of
>goobenet-tcwug (for the public side). not quite sure how to tackle this one,
>but if you have your own domain, i'd like to suggest my scheme.
>"domain-tcwug" (minus punctuation) foocom-tcwug, botwerksorg-tcwug (some
>might be too long). Just and idea. Also, i've seen AP's that broadcast
I fully agree.  We need to come to an agreement for a naming scheme.
>"information" packets, i'm investigating how to put a "welcome" message in
>the air about mine, making some kind of refrence to AUP, yadda yadda
Very interesting.  I have not run into this.  I would love to send out
personalized beacons.  You could put our disclaimers and what not. (To
head off legal ramifications ie.  the "slimeball" spammer syndrome)
>> >
>> > possible answers that have been discussed:
>> > - roaming NoCatAuth authentication: if NoCatAuth admins subscribe to a
>> >   centralized authentication service, users who register with that
>> >   can go to NoCatAuth nodes that subscribe to the service, and get
>> >   connectivity.
>> this is what i was referring to regarding the authentication side of
>> things.
I, personally, am more concerned with topology, effeciency, and overall
ease of use than authentication.  Then again, I am a bit of an *shudder*
>> > - simple dynamic DNS, using wget and a CGI
>> > - 'real' DDNS, with BIND 9
>> the management of dns is largely tangential to this but key
>> nonetheless.  looks like another element for attention as well.
I think we are smart enough as a whole to implement an intelligent DNS
>Been looking at web based stuff for a friend of mine up here at college, so
>far, this one seems more or less sane to me... don't have a unix box up here
>running yet, but i'm gonna investigate this one a bit more.
>> >
>> > all of the above could be done, no problem.
problem? what problem? ;)
>> >
>> > the first two, are the sort of thing that killdeer.tcwug.org was
>intended for.
>> >
>> > the last one, Nate Carlson has generously offered to host on his own DNS
>> > server. I judge that to be a superior idea to using killdeer.tcwug.org;
>> > killdeer could be used as a secondary DNS server. (considering that
>> > in the same rack, and share the same UPS and hub, the value of that is a
>> > dubious, tho).
You guys crack me up.
>> i have a couple machine that can be secondary dns servers.  my home
>> network has a couple of machine which i can segment for this and i
>> have machines scattered in colocation facilities around the country
>> which can be used for this purpose as well.
>> i don't think that we're at a loss for this type of capacity.  i think
>> that anything we do should be hosted in several locations.  i'm a big
>> fan of redundancy in this type of application.
>> >
>> > are there any other ideas that I have missed?
Mission Statement. 
Does anyone have any ideas for formulating a Mission
statement?  I for one feel this is of the utmost importance.  If we do
indeed plan on filing for non-profit status (big fan of this) we will
_have_ to have a mission statement.  I know this is a "touchy" subject
with some of you, since we are still not all in agreement as to what we
are doing and how we plan to achieve what we don't agree on (that makes
little sense ,eh?).  As we build our network we must also build our
organization.  I believe the two go hand in hand.  Bob has graciously
offered us access to the work he has already done with the tclug
non-profit paper work.  I suggest we move forward with this.

I talked to my boss this evening, he is interested in forming a
relationship with the tcwug on a corp to corp level.  Arnan Services
Inc. is a local engineering firm that specializes in telecommunications.
(this is the company I work for)  We have a few radio links up in the
twin cities, some of which have been up for over 2 years.  We are
expanding our wireless network at a steady pace.  I believe, and have
conveyed to my boss, that Arnan and the tcwug may share some common

Steve has already "befriended" O'reily in the name of the tcwug.  The
concept of corporate sponsoroship is one that should not be overlooked.
Again, a mission statement would help us to clarify what we want to do
and who we want to do it with.  I for one, as I have already stated,
really just want to 1) have fun 2) make friends/connections 3) have
ubiquitous inet access.
>> >
>> --
>> steve ulrich                       sulrich at botwerks.org
>> PGP: 8D0B 0EE9 E700 A6CF ABA7  AE5F 4FD4 07C9 133B FAFC
>Again, my $.02 :)
>Alex Hartman - goober at goobe.net
>PGP Key fingerprint = 26 41 19 56 19 81 E2 BC  EE C8 1D F4 DB B8 ED B8
>"All in all is all we all are..." -Kurt Cobain RIP 1967-1994

http://autonomous.tv/			       spencer at autonomous.tv
Key fingerprint = 173B 8760 E59F DBF8 6FD2  68F8 ABA2 AB08 49C7 4754

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tcwug-list/attachments/20020620/1184c0e4/attachment.pgp