South Africa On Lockdown - Coronavirus - Update!

Eric Tykwinski eric-list at truenet.com
Mon Mar 23 21:55:04 UTC 2020


I think that’s the major sticky point, I would hope we could all agree on one thing, but that also leaves one entry point of failure.  Hopefully we can all agree that FIDO2, OAUTH2, et al, with be a winner in the long run so everything can just use one simple authentication mechanism.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

> On Mar 23, 2020, at 5:23 PM, Mark Tinka <mark.tinka at seacom.mu> wrote:
> 
> 
> 
> On 23/Mar/20 22:39, Keith Medcalf wrote:
> 
>> Hardware tokens are nothing more than dedicated hardware TOTP devices with perhaps a few additional parameters programmed at manufacturing time.  Example, RSAID keyfobs are nothing more than TOTP generators with manufacturer programmed secrets and dedicated clock and display hardware with no external interface which permits access to the secret.
> 
> For some of my banks, OTP tokens are issued via their device apps. I
> used to have physical key fobs for that; those are now gone.
> 
> Admittedly, not all of my banks have made the transition. On the other
> hand, many of the banks have moved on to support Face ID and QR code
> verification via device apps.
> 
> Not specific to VPN access management, but in the same vein.
> 
> Mark.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200323/c0f55499/attachment.html>


More information about the NANOG mailing list