From owner-freebsd-current@freebsd.org  Wed Jun 15 07:12:37 2016
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7BB87B84980;
 Wed, 15 Jun 2016 07:12:37 +0000 (UTC)
 (envelope-from danny@cs.huji.ac.il)
Received: from kabab.cs.huji.ac.il (kabab.cs.huji.ac.il [132.65.116.210])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 334011212;
 Wed, 15 Jun 2016 07:12:36 +0000 (UTC)
 (envelope-from danny@cs.huji.ac.il)
Received: from chamsa.cs.huji.ac.il ([132.65.80.19])
 by kabab.cs.huji.ac.il with esmtp
 id 1bD4zy-0000wb-IM; Wed, 15 Jun 2016 10:12:26 +0300
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Subject: Re: [CFT] ypldap testing against OpenLDAP and Microsoft Active
 Directory
From: Daniel Braniss <danny@cs.huji.ac.il>
In-Reply-To: <20160615012202.GM1072@albert.catwhisker.org>
Date: Wed, 15 Jun 2016 10:12:26 +0300
Cc: Chris H <bsd-lists@bsdforge.com>,
 freebsd-current@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <E8CC9FAF-1B92-4E56-89E8-C712688B360B@cs.huji.ac.il>
References: <CAG=rPVeiPvfBdnmieEHG_0Jp8ZxvTQr-sLdSkutWD5cYhdk9SA@mail.gmail.com>
 <7c39e5ac-3ed7-f19a-e175-d27af07eea47@delphij.net>
 <CAOfEmZhkfxBcvDPS5tBYLXnHuzHJ7X7B2j6=BRBHquc8=bevGg@mail.gmail.com>
 <5fc80d8ee559336a657514b3f2ec2a33@ultimatedns.net>
 <20160615012202.GM1072@albert.catwhisker.org>
To: current@freebsd.org
X-Mailer: Apple Mail (2.2104)
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2016 07:12:37 -0000


> On 15 Jun 2016, at 04:22, David Wolfskill <david@catwhisker.org> =
wrote:
>=20
> On Tue, Jun 14, 2016 at 05:17:19PM -0700, Chris H wrote:
>> ...
>> Honestly, I think the best way to motivate people to do the right =
thing(tm)
>> Would be to remove Yellow Pages from the tree, entirely. :-)
>> It's been dead for *years*, and as you say, isn't safe, anyway..
>> ....
>=20
> "Safe" for what, precisely?
>=20
> It's a lookup service.  It is not limited to looking up authentication
> information, and never has been.
>=20
> And it's a mechanism that has been widely implemented.
>=20
> The catchphrase "Tools, not policy" comes to mind.
>=20
> Peace,
> david

probably this is a bit too late, but we have been using MIT=E2=80=99s =
DNS/Hesiod since the days
when:
	ypserver not responding
was popular, and true, it=E2=80=99s not only for password/group.

my .5 cents

danny