[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] Re: Storage of credentials

From: Simon Josefsson
Subject: [OATH-Toolkit-help] Re: Storage of credentials
Date: Fri, 18 Mar 2011 17:02:23 +0100
User-agent: Gnus/5.110016 (No Gnus v0.16) Emacs/23.2 (gnu/linux)

Max Thoursie <address@hidden> writes:

> Bah, I faild to use the mailing list. Is it possible to set a reply-to
> header? This mail was ofcourse meant for the list. /max

Using a Reply-To often leads to private replies going to the list, which
is worse than when comments intended for the list goes to the author
only.  So I prefer to not use a reply-to.  Most reasonable mail clients
have a "followup" button next to the "reply" button that will do the
right thing too.  See also:



> On Fri, Mar 18, 2011 at 2:08 PM, Max Thoursie <address@hidden> wrote:
>> On Fri, Mar 18, 2011 at 12:13 PM, Daniel Pocock <address@hidden> wrote:
>>>> I had a breif discussion with Simon regarding how to store user
>>>> credentials (alternatives to the /etc/users.oath file) before he
>>>> pointed me to this mail-list. Let's continue the discussion here!
>>> This is essentially why I built dynalogin as an extra layer around HOTP
>>> - you can then put dynalogin and the secrets on a dedicated, hardened
>>> machine.  The secrets never travel on the network, it simply gives
>>> yes/no responses to the auth requests.
>> That's great when you can rely on a central server! Many times though
>> that's not an option.
>> /Max

reply via email to

[Prev in Thread] Current Thread [Next in Thread]