[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [OATH-Toolkit-help] Storage of credentials
|
From: |
Max Thoursie |
|
Subject: |
Re: [OATH-Toolkit-help] Storage of credentials |
|
Date: |
Fri, 18 Mar 2011 16:55:58 +0100 |
This to should have gone to the list /max
On Fri, Mar 18, 2011 at 2:13 PM, Max Thoursie <address@hidden> wrote:
> 2011/3/18 Jean-Michel Pouré - GOOZE <address@hidden>:
>> Le vendredi 18 mars 2011 à 11:14 +0100, Max Thoursie a écrit :
>>> I had a breif discussion with Simon regarding how to store user
>>> credentials (alternatives to the /etc/users.oath file) before he
>>> pointed me to this mail-list. Let's continue the discussion here!
>>
>> I would like to point out that PostgreSQL offers X.509 certificates
>> encrypted tables. The leak point in OATH is the seed, which must be
>> protected using the best tools.
>>
>> Also, I am against file storage, as you can hardly build a GUI on top of
>> it. Using database makes it easier to make a GUI.
>
> I think the option of file storage is essential to keep the ease of
> setup. Many admins never use GUI tools.
>
> Likewise, having the option of database like backend such as LDAP
> would be much more flexible for larger setups and GUI tools.
>
> Cheers
> Max
>
Re: [OATH-Toolkit-help] Storage of credentials, Jean-Michel Pouré - GOOZE, 2011/03/18