directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Rees <r...@umich.edu>
Subject Re: One Time Identification, a request for comments/testing.
Date Fri, 02 Feb 2007 15:05:09 GMT
So would it be fair say this is sort of like using a smartcard in that you
need both possession of the token and knowledge of a PIN?  And that the KDC
guards the PIN against brute force guessing, because each guess requires a
transaction against the KDC?  So stealing the token gets the attacker
nothing?

Mime
View raw message