I remember when i asked if it is useful to make fwtk proxies capable of
ident lookups - about 7 years ago i think ;-) i've heared people screaming
"no, no, identd is insecure and bad, don't use it!"

But what's really wrong with identd? It seems to be a good way to distinguish
users on multiuser hosts. Well, doing that via kerberos or ssl certificates
may be better, but both require some protocol intervention. So if you
do trust host users separation (and if it is compromised at root level no
method is good enough anyways), ident info can be used as well. And it is
up to you what to do with it.

Is ident still being used by anyone besides irc and smtp?

firewall-wizards mailing list