The new authentication stuff has a provision for checking whether an account is open or not.
It's not extensible via service contracts yet, but it would be the right approach: The account would be closed if the user hasn't accepted the terms of use.
Look in acs-authentication/tcl/authentication-procs.tcl
that´s a really good idea. right now i was checking how i could stop the users from using the system if they do not sign the acknowledgement in time :) but probably this should only apply to "whole-site" acknowledgements.
