Re: [OATH-Toolkit-help] OATH Toolkit 2.6.0

[David Woodhouse]

On Tue, 2015-05-19 at 22:30 +0200, Simon Josefsson wrote:
> Can you tell me more how you would use this?  I'm not exactly sure how
> you could generalize OTP-generation in a library that still makes
> sense to an application.

The main use case I have in mind is my VPN client. The server may
require OATH tokens to authenticate. Those *could* be in a hardware
device, they could be in a PSKC file, they could be in Pledge or
something else.

My code just detects when the 'password' prompt is actually looking for
an OTP token (by various heuristics according to the VPN protocol in use
at the time), and invokes the appropriate back end to generate it.

The back end is specified by the user, of course.

I guess there could be a bunch of similar use cases where client
authentication can be automated by OATH token generation. I certainly
wasn't expecting to have to write PC/SC code for myself :)

-- 
dwmw2