If host X supports RFC 931, and if joe@X and sally@Y are connected
through TCP, then sally can find out the name of joe. This package
includes authd, an RFC 931 server. Once you've installed it, your users
can't escape the authentication: if they telnet or rlogin or send mail
or do whatever to another host, that host can find out the username.

This package also includes a library that acts as an RFC 931 client. You
don't need privileges to use the library, which should compile and run
without trouble on any BSD-derived system. (authd is not so portable;
although it works without changes under SunOS and Ultrix, it might not
work on other systems. The package includes a couple of test programs.)

authd and authuser have been reported to work on the following systems.

  Sun 2/170, SunOS 4.0
  Sun 4/280, SunOS 4.0.3
  Sun 3/160, SunOS 4.1
  Sun 3/180, SunOS 4.1
  DECsystem-5820, Ultrix 4.0
  DECStation-5400, Ultrix 4.1
  VAX 8650, Ultrix 4.1
  VAX (?), BSD 4.3
  Convex C210, Convex UNIX 8.0

I've placed this code into the public domain because I think that
everyone should support at least this level of security. I'm sick of
seeing people forge mail and spoof NNTP and attack systems anonymously
through the network. Now they won't be able to, because every connection
will be tagged with the username with at least as much security as the
TCP host address in each packet. I hope that every site will do its part
to contribute to network security (and to help CERT trace intruders).

It should take approximately 10 minutes to read the instructions and
compile, install, and test authd on a new machine. It should take
approximately 2 minutes on each new machine once you're familiar with
the instructions. Send comments on these estimates to brnstnd@nyu.edu,
cc the Office of Management and Budget, Paperwork Reduction Division.

---Dan Bernstein, brnstnd@nyu.edu
