directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeffrey Hutzelman <jh...@cmu.edu>
Subject Re: One Time Identification, a request for comments/testing.
Date Thu, 01 Feb 2007 22:21:10 GMT


On Thursday, February 01, 2007 05:15:56 PM -0500 Jeffrey Hutzelman 
<jhutz@cmu.edu> wrote:

>
>
> On Thursday, February 01, 2007 03:06:21 PM -0600 g.w@hurderos.org wrote:
>
>>> What keeps a user from copying the identity token from the USB
>>> device to a local or shared file system to avoid having to insert
>>> the USB device all the time?
>>
>> We were considering public flogging but were unsure if we could get it
>> into an IETF draft.
>
> <wg chair hat on>
>
> Anyone can submit an internet-draft; just write up your proposal
> according  to <http://www.ietf.org/ietf/1id-guidelines.html> and send it
> off to  internet-drafts@ietf.org.
>
> You should then bring up your proposal on the Kerberos Working Group
> mailing list, ietf-krb-wg@anl.gov.  We're beginning to move into the area
> of preauthentication and improving the initial authentication exchange,
> and  while I can't guarantee that your proposal will be well-received, it
> will  certainly receive the same consideration as a number of others that
> have  recently been raised.
>
> <wg chair hat off>

Of course, I should note that it's your OTI proposal that I'm suggesting 
you bring to the working group.  The bit about public flogging should be 
written up separately and sent directly to rfc-editor@rfc-editor.org, 
without prior publication as an I-D, per item 19 in the FAQ at 
<http://www.rfc-editor.org/rfcfaq.html>

-- Jeff

Mime
View raw message