My $.03 below..
>> Read "if you're too lazy to do things the *right* way"
>> I agree with earlier posts - I wouldn't want to see the hack job of
>> turning a mail protocol into an authentication protocol included in
>> the distribution. That would suggest this is an acceptable practice
>> for production, when I think anybody in their right mind wouldn't do
>> nor recommend this.
> [Difficulty of setting up RADIUS]
> 2003 Windows server is another Effort (note the capital E's on effort -
Really - more to the point is that there are a _lot_ of authentication
methods and protocols out there. I'd say that perhaps 30% of the
enterprises I've consulted with use radius (and often that infrastructure
was only setup to deal with OTP - ie token cards, or challenge response of
some type -- which probably won't work with m0n0's radius anyway). So
yeah, RADIUS is nifty and can be setup for m0n0 if this is a brand new
WISP. But what about all the companies out there that want to add a few
authenticated hotspots to a building or two for their corporation? Say
they use NIS, NIS+, LDAP, Oracle, MySQL, scp'd text files, secret decoder
rings... m0n0 can't support everything.
Imap/pop is a pretty nifty idea since no matter what people are using in
the back, they probably let their users get email somewhere (though even
that won't work everywhere as mailserver footprint may not overlap the
wireless footprint well). Given the various
insanity of authentication and what 'enterprises' use to glue different
systems together (I've seen Oracle<->NIS<->NIS+<->text<->LDAP), IMAP is
not overly complex, it's stable, and well supported. I would say that if
IMAP/Pop is used for auth then IMAPS / POPS (ie - over SSL) should at
least be an option.
If IMAP support isn't added - I would say LDAP and MySQL should be
added.. But even with all 3, IMAP really seems more useful for a large
number of scenarios.. Even if it's not really an authentication protocol.