[OATH-Toolkit-help] dynalogin, HOTP and SASL

oath-toolkit-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] dynalogin, HOTP and SASL

From:	Daniel Pocock
Subject:	[OATH-Toolkit-help] dynalogin, HOTP and SASL
Date:	Thu, 08 Mar 2012 23:25:17 +0100
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110702 Iceowl/1.0b1 Icedove/3.0.11


I've just been contemplating how to make dynalogin more useful

The current implementation only includes the test binary and an adapted
version of phpMyId (an OpenID provider)

One idea that comes to mind: SASL.  Should HOTP be provided through the
PLAIN mechanism, or through some new mechanism (similar to the SECURID
mechanism)?

My understanding of PLAIN is that it is only intended for credentials
with a long lifespan, although if HOTP was supported with it's own
mechanism, then apps that only know PLAIN would not work at all.

I believe that if it works with SASL, then it will also become usable
from LDAP, and then it will work for anything that does LDAP (including
various OpenID providers, Apache basic auth, etc)

[Prev in Thread]

Current Thread

[Next in Thread]

[OATH-Toolkit-help] dynalogin, HOTP and SASL, Daniel Pocock <=
- Re: [OATH-Toolkit-help] dynalogin, HOTP and SASL, Simon Josefsson, 2012/03/12
  - Re: [OATH-Toolkit-help] dynalogin, HOTP and SASL, Daniel Pocock, 2012/03/12
    - Re: [OATH-Toolkit-help] dynalogin, HOTP and SASL, Simon Josefsson, 2012/03/13

Next by Date: Re: [OATH-Toolkit-help] dynalogin, HOTP and SASL
Next by thread: Re: [OATH-Toolkit-help] dynalogin, HOTP and SASL
Index(es):
- Date
- Thread