Passwdd 1.0.0 - README

I. Abstract:
------------

This is the Passwdd suite version 1.0.0. It can be used to synchronize
passwords and related information among two or more servers. It uses an
internal security library for the encryption and decryption of the
sensitive data.

Windows clients are provied. You need Microsoft Visual C/C++ 6.0 in order
to compile them.

PERL CGI clients are provided as well. They use the passwddio.so shared
library for the encryption and decryption subroutines. The appropriate
HTML forms for invoking these CGI scripts are included in the package.

II. Compatibility:
------------------

Passwdd works best on Linux systems. Here is the list of the Linux/UNIX
distributions where the suite is tested before the release:

	Slackware 7.1
	RedHat 7.0
	FreeBSD 4.2
	Debian Linux 2.2
	Sun Solaris 2.6

III. Download and web site:
---------------------------

You can download passwdd from:

ftp://ftp.sourceforge.net/...
ftp://ftp.varna.net/...
ftp://metalab.unc.edu/...

IV. Version:
------------

This document applies to version 1.0.0 of the software. Currently an older
version of the program will be distributed and when the software is
is reported to be stable enough - the first stable release 1.0.0 will be
released.

V. Security:
------------

The client and server do not exchange unencrypted passwords. They use an RSA
encryption/decryption algorithm. In order to use it you need a keypair on the
each machine running passwdd. You can create this keypair with the rsakeys
utility. However, the communication is subject to Man in the Middle Attack and
you are highly encouraged after installation and testing to check the
the matching of your public keys on each client server.
The security level depends on the length of the RSA modulus and many other
factors. Currently length 1024 is considered as good security. Note that
the RSA encryption and decryption is CPU resource consuming process and
using modulus sizes with unjustified length is waste of resources.
In case you are using the CGI clients you should provide a secure channel
from your web server to the browsers of the users. There are several SSL
libraries for the majority of the web servers now.

VI. Installation:
-----------------

VII. Authors:
-------------

VIII. Copyright:
----------------
