[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from
From: |
Nikos Mavrogiannopoulos |
Subject: |
[OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from HSM |
Date: |
Mon, 05 Oct 2015 13:45:42 +0000 |
User-agent: |
Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 |
URL:
<http://savannah.nongnu.org/support/?108895>
Summary: oath_authenticate_usersfile() read from HSM
Project: OATH Toolkit
Submitted by: nmav
Submitted on: Mon 05 Oct 2015 04:45:41 PM EEST
Category: None
Priority: 5 - Normal
Severity: 1 - Wish
Status: None
Privacy: Public
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Operating System: None
_______________________________________________________
Details:
I've recently modified the openconnect VPN server to use liboath for one time
passwords. Having seen however various HSMs like YubiHSM and
oath_authenticate_usersfile(), it seems straightforward to extend the
oath_authenticate_usersfile() to support HSMs. The API is high level allowing
to specify a userfile (which could be a URL similarly to PKCS #11 URLs), and
thus could accommodate for more than just files.
That would greatly extend the value of this library for server applications.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/support/?108895>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from HSM,
Nikos Mavrogiannopoulos <=