From: Jeffrey Hutzelman
To: Jim Rees, g.w@hurderos.org
Cc: dev@directory.apache.org, krbdev@mit.edu, kerberos@mit.edu, Jeffrey Hutzelman
Date: Fri, 02 Feb 2007 10:25:36 -0500
Subject: Re: One Time Identification, a request for comments/testing.
In-Reply-To: <20070202150508.GB15920@citi.umich.edu>
References: <200701310603.l0V639Iu028764@wind.enjellic.com> <41189CE9-71F0-4602-A290-E708D0D6BF4F@wareonearth.com> <20070202150508.GB15920@citi.umich.edu>
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Delivered-To: mailing list dev@directory.apache.org

On Friday, February 02, 2007 10:05:09 AM -0500 Jim Rees wrote:

> So would it be fair to say this is sort of like using a smartcard in that you
> need both possession of the token and knowledge of a PIN? And that the
> KDC guards the PIN against brute force guessing, because each guess
> requires a transaction against the KDC? So stealing the token gets the
> attacker nothing?

No. Smart cards are not (generally) simple storage devices. What guards a smartcard PIN against brute force guessing is that you only get a limited number of tries before the card locks itself and becomes useless. And what protects the private key is the fact that only the card knows the key, so if the card is not physically present (or has been locked out due to too many wrong PINs), it is impossible to perform crypto operations with the private key.

What we're talking about here is something completely different. Yes, you need both possession of a physical object and a password. But the similarity ends there.

-- Jeff
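The two properties Jeff describes (a bounded PIN retry counter that locks the card, and a private key that can only be exercised through the card) can be modelled in a few lines. The following is an added example written for this archive page, not code from the thread or from any smartcard vendor; the `SmartCard` class, its `max_tries` default of 3, and the use of an HMAC as a stand-in for the on-card private-key operation are all assumptions made for illustration.

```python
"""Toy model of the smartcard PIN-guard property (added example, not from the thread)."""
import hashlib
import hmac


class CardLocked(Exception):
    """Raised once the retry counter is exhausted; the card is now useless."""


class PinRequired(Exception):
    """Raised when a key operation is requested before a successful PIN check."""


class SmartCard:
    """Holds a key that never leaves the object and a PIN with a retry counter.

    Assumptions: max_tries=3 is a constructed default, and an HMAC over the
    card's key stands in for a real private-key signature.
    """

    def __init__(self, pin: str, key: bytes, max_tries: int = 3) -> None:
        self._pin = pin.encode()
        self._key = key            # private material; there is no accessor for it
        self.max_tries = max_tries
        self._tries_left = max_tries
        self._verified = False

    @property
    def locked(self) -> bool:
        return self._tries_left == 0

    def verify_pin(self, pin: str) -> bool:
        """Check a PIN; each wrong guess burns one try, success resets the counter."""
        if self.locked:
            raise CardLocked("retry counter exhausted; PIN verification refused")
        if hmac.compare_digest(pin.encode(), self._pin):
            self._tries_left = self.max_tries
            self._verified = True
            return True
        self._tries_left -= 1
        self._verified = False
        return False

    def sign(self, data: bytes) -> bytes:
        """Perform the key operation; only possible on an unlocked, PIN-verified card."""
        if self.locked:
            raise CardLocked("card is locked; no key operations possible")
        if not self._verified:
            raise PinRequired("present the PIN before using the key")
        return hmac.new(self._key, data, hashlib.sha256).digest()


def demonstrate_lockout(wrong_guesses: list[str], correct_pin: str = "1234") -> dict:
    """Feed wrong guesses to a fresh card and report how many it entertained.

    The card stops checking guesses after max_tries regardless of how many
    are offered, which is the bound Jeff contrasts with a stored-secret token.
    """
    card = SmartCard(pin=correct_pin, key=b"constructed-card-key")
    processed = 0
    for guess in wrong_guesses:
        if card.locked:
            break
        card.verify_pin(guess)
        processed += 1
    return {"guesses_processed": processed, "locked": card.locked}


if __name__ == "__main__":
    # Constructed inputs: a card with PIN 1234 and ten wrong guesses.
    print(demonstrate_lockout([f"{i:04d}" for i in range(10)]))
    card = SmartCard(pin="1234", key=b"constructed-card-key")
    card.verify_pin("1234")
    print(card.sign(b"hello").hex())
```

The design point is that `_key` has no accessor and `sign` refuses to run unless the counter is non-zero and the last PIN check succeeded, so the only way to use the key is through the card, and the card stops cooperating after `max_tries` wrong PINs.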