On Fri, 2002-08-09 at 09:27, Richard Hoffbeck wrote: > IT manages access to the e-mail system, and so on. They've done this in > the belief that someone in finance, properly trained, is in a better > position to serve as a gatekeeper to the financial applications than > someone in IT. Maybe, maybe not, we'll have to see. Agreed. It's hard to say without lots of hard experience in it, and I don't know of too many places really talking about the pitfalls yet. I've seen the pitch though. It could be good, it could blow up badly. > People have successfully dealt with the issue of distributed security in > the past. Kerberos comes to mind (I don't recall if NFS plays with > Kerberos or whether you need to use AFS), and the MS security model Theres been some hacks to NFS to support kerberos, but from what I hear AFS is really the way to go, for now. Does anyone else here have good information on this subject? I know at least one of you out there has production AFS servers that they interact with... VMS tho, yikes. I'm not old enough to have worked with one of those. :) -- Scott Dier <dieman at ringworld.org> http://www.ringworld.org/