httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roy Fielding <>
Subject Re: secure transfer using skey
Date Fri, 01 Sep 1995 20:21:36 GMT
>I can't see any obvious synchronisation issues here.

The one-time-password generators on each system need to be synchronized
(probably the wrong word, since they aren't clocks) because the 
generator increments the seed on each password generated, which works
just fine until the server generates a password which never gets seen
by the client.  However, this is just from memory of a conversation
I had eight months ago, so it may be completely bonkers.  I believe
this problem may be addressed by the newer specification.


View raw message