Smartcard and non-password methods (was Re: Password repository)
sean at donelan.com
Sun Nov 22 12:55:31 CST 2009
On Sat, 21 Nov 2009, Joel Jaeggli wrote:
> Since this plays nicely with eap-tls, 802.1x. ike, ssl/tls, and s/mime
> it seems like a shoe-in, once you have a uniform authentication system
> one is inclined to use it for everything. obviously being involved in
> several of these with with multiple ca's is something of a pain in the
> ass if it involves juggling 2 or more tokens instead of passwords.
> (which are already a problem if you have to trach quite a few
> non-overlapping ones.
Yep, there are lots of potential technologies out there. I've also
implemented several on your list. I'm trying to stay neutral about the
technology, as long as it works. I suppose my question was more about
market share/mind share. Figure out where everyone else is already go, and
then get in front of that :-).
So where is the market going beyond passwords?
More information about the NANOG