One Time Identification, a request for comments/testing.
Sam Hartman
hartmans at MIT.EDU
Mon Feb 5 10:04:55 EST 2007
>>>>> "g" == g w <g.w at hurderos.org> writes:
g> On Feb 1, 6:47pm, Sam Hartman wrote: } Subject: Re: One Time
g> Identification, a request for comments/testing.
g> Good morning to everyone, hope your weekend is going well.
>> OK, so the requirements you are trying to meet are:
>>
>> 1) soft token support for flash drives.
>>
>> 2) Support for central password management.
>>
>> 3) Allow minimal or no identifying information on the token.
>>
>> Any more?
g> Just a point of clarification.
g> Are we discussing requirements for general soft token support
g> or what OTI attempts to bring to the table?
g> If the latter is the case I would offer
g> - Authentication attempt unique keying.
What is this?
g> - Token invariance across password changes. That may actually
g> be a subset of #2 above.
Why do we want this as a requirement?
More information about the Kerberos
mailing list