One Time Identification, a request for comments/testing.

Jeffrey Hutzelman jhutz at cmu.edu
Fri Feb 2 14:28:03 EST 2007


On Fri, 2 Feb 2007 g.w at hurderos.org wrote:

> That being said I'm certainly no IETF politician.

Good.  Neither are the rest of us, for the most part.  What we are is
engineers trying to produce quality network protocol standards, preferably
in non-infinite amounts of time.  If you have something to contribute,
please do.


> Its not sexy, nor fun, like building a
> new desktop environment so there is a paucity of Open-Source interest
> in the arena.

On the contrary, I think you'll find there are plenty of people who
consider work at this level fun.  I, for one, consider things like a good
desktop environment important but have absolutely no desire to actually
work on them.  It really does take all kinds, or at least more than one
kind.

> The only organizational challenge is dealing with the user who forgot
> their CryptoCard the last time they flew to Europe and now have it
> securely duct taped to the back of their laptop, with the pin number
> written in magic marker on the duct tape so they don't forget it.

Yes; hardware tokens have some of the same challenges as softtokens; they
just manifest themselves in slightly different ways.  The comment someone
made earlier about using a thumbprint scanner in place of a PIN(*)
intrigues me, though I'm not yet convinced it's actually feasible, and of
course it doesn't apply in the situations where you want a softtoken to
avoid special hardware.


Just to be clear, I'm not suggesting that there is no place for soft
tokens, either of the traditional type which stores a private key or of
the sort you propose.  I was simply pointing out that these don't work in
the same way as hardware tokens or smartcards, or each other for that
matter.  Each technology has different features, and it's precisely
_because_ your proposal doesn't work like a smartcard that makes it
interesting in the first place.


(*) Note that what he actually proposed was using a thumbprint scanner to
produce keying material, but that's not actually workable, because the
output from such a scanner does not have enough deterministic bits to
produce a strong key.

-- Jeff




More information about the Kerberos mailing list