[27381] in Kerberos

home help back first fref pref prev next nref lref last post

Re: One Time Identification, a request for comments/testing.

daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Feb 5 10:05:18 2007

From: Sam Hartman <hartmans@mit.edu>
To: g.w@hurderos.org
Date: Mon, 05 Feb 2007 10:04:55 -0500
In-Reply-To: <200702031529.l13FTTQU007148@wind.enjellic.com> (g. w.'s message
	of "Sat, 3 Feb 2007 09:29:29 -0600")
Message-ID: <tslodo83aso.fsf@cz.mit.edu>
MIME-Version: 1.0
Cc: dev@directory.apache.org, kerberos@mit.edu, krbdev@mit.edu,
   "Douglas E. Engert" <deengert@anl.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

>>>>> "g" == g w <g.w@hurderos.org> writes:

    g> On Feb 1, 6:47pm, Sam Hartman wrote: } Subject: Re: One Time
    g> Identification, a request for comments/testing.

    g> Good morning to everyone, hope your weekend is going well.

    >> OK, so the requirements you are trying to meet are:
    >> 
    >> 1) soft token support for flash drives.
    >> 
    >> 2) Support for central password management.
    >> 
    >> 3) Allow minimal or no identifying information on the token.
    >> 
    >> Any more?

    g> Just a point of clarification.

    g> Are we discussing requirements for general soft token support
    g> or what OTI attempts to bring to the table?

    g> If the latter is the case I would offer

    g> 	- Authentication attempt unique keying.

What is this?

    g> 	- Token invariance across password changes.  That may actually
    g> be a subset of #2 above.


Why do we want this as a requirement?

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post