[27381] in Kerberos
Re: One Time Identification, a request for comments/testing.
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Feb 5 10:05:18 2007
From: Sam Hartman <hartmans@mit.edu>
To: g.w@hurderos.org
Date: Mon, 05 Feb 2007 10:04:55 -0500
In-Reply-To: <200702031529.l13FTTQU007148@wind.enjellic.com> (g. w.'s message
of "Sat, 3 Feb 2007 09:29:29 -0600")
Message-ID: <tslodo83aso.fsf@cz.mit.edu>
MIME-Version: 1.0
Cc: dev@directory.apache.org, kerberos@mit.edu, krbdev@mit.edu,
"Douglas E. Engert" <deengert@anl.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>>>>> "g" == g w <g.w@hurderos.org> writes:
g> On Feb 1, 6:47pm, Sam Hartman wrote: } Subject: Re: One Time
g> Identification, a request for comments/testing.
g> Good morning to everyone, hope your weekend is going well.
>> OK, so the requirements you are trying to meet are:
>>
>> 1) soft token support for flash drives.
>>
>> 2) Support for central password management.
>>
>> 3) Allow minimal or no identifying information on the token.
>>
>> Any more?
g> Just a point of clarification.
g> Are we discussing requirements for general soft token support
g> or what OTI attempts to bring to the table?
g> If the latter is the case I would offer
g> - Authentication attempt unique keying.
What is this?
g> - Token invariance across password changes. That may actually
g> be a subset of #2 above.
Why do we want this as a requirement?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos