* Issue one *
That is great wonderful of the future what you are planning to do.The callsign and password are sent in clear text form to the list server and this is a risk to the users' privacy since they may use those passwords elsewhere. The auth daemon would use a public key cryptography algorithm called RSA that would effectively solve this problem. The only way to register at the moment is at the forums. The daemon would allow users to register through a secure, RSA encrypted channel from inside the game.
But there is an issue. Users should never use the same passwords everywhere they go.
Tell the users to stop doing that. The password for BZFLAG and it's forum should not be used anywhere else.
* Issue two *
PROBLEMATIC issue, not matter what you do (Karma server and LDAP server same server or not the same server, for example) : I have read/heardShould or can the Karma server and LDAP server be one and the same?
PROVIDES: easier maintenance, both autonomously and manually
PROVIDES: easier ability for maintaining a consistent data state (no fuzzy syncing issues – it either is or isn't synced with replicants)
PROBLEMATIC: multiple areas of entry for possible abuse (unless replicants are hosted on 'trusted' systems, as far as that can be determined.)
^^If it is made by human hands, it can be broken by human hands.