prompter type question
Jeffrey Hutzelman
jhutz at cmu.edu
Sat Mar 20 21:41:02 EDT 2010
--On Thursday, March 18, 2010 03:17:20 PM -0500 Nicolas Williams
<Nicolas.Williams at sun.com> wrote:
> On Thu, Mar 18, 2010 at 04:14:56PM -0400, Sam Hartman wrote:
>> >>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
>>
>> Nicolas> On Thu, Mar 18, 2010 at 01:17:37PM -0500, Will Fiveash
>> wrote:
>> >> typedef struct _krb5_prompt { char *prompt; int hidden; krb5_data
>> >> *reply; } krb5_prompt;
>>
>> Nicolas> Arguably a PREAUTH type prompt with hidden set would be a
>> Nicolas> prompt for a PIN or OTP, while a PREAUTH type prompt with
>> Nicolas> hidden unset would be an informative prompt of some kind
>> Nicolas> (any kind).
>>
>> Hmm.
>> I'd expect that hidden would be clear for OTP and possibly pin.
>
> I wouldn't! I'd expect prompts for secrets to be echo-off.
I'd expect echo for an OTP response, if it's at all complicated, since the
user doesn't actually _know_ it the way you (or your fingers) know a PIN or
password, and complex data entry without echo can be quite error-prone.
I would not expect echo for a PIN.
-- Jeff
More information about the krbdev
mailing list