[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OATH-Toolkit-help] dynalogin, HOTP and SASL
From: |
Daniel Pocock |
Subject: |
[OATH-Toolkit-help] dynalogin, HOTP and SASL |
Date: |
Thu, 08 Mar 2012 23:25:17 +0100 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110702 Iceowl/1.0b1 Icedove/3.0.11 |
I've just been contemplating how to make dynalogin more useful
The current implementation only includes the test binary and an adapted
version of phpMyId (an OpenID provider)
One idea that comes to mind: SASL. Should HOTP be provided through the
PLAIN mechanism, or through some new mechanism (similar to the SECURID
mechanism)?
My understanding of PLAIN is that it is only intended for credentials
with a long lifespan, although if HOTP was supported with it's own
mechanism, then apps that only know PLAIN would not work at all.
I believe that if it works with SASL, then it will also become usable
from LDAP, and then it will work for anything that does LDAP (including
various OpenID providers, Apache basic auth, etc)
- [OATH-Toolkit-help] dynalogin, HOTP and SASL,
Daniel Pocock <=