Merit Joint Technical Staff
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: S/key on university, college desktops
- From: Joseph L Gelinas
- Date: Tue Jun 09 13:02:29 1998
> Date: Tue, 09 Jun 1998 08:07:27 -0400
> From: Director@expression.org (Director)
> To: knoxm@merit.edu
> why don't you (Merit) use certificates and be done with it.
>
> Based on the known user identification, his/her access and service rights
> would be
> allocated and "opened". This would remove significant overhead (i.e.,
> administration)
> and provide the basis for "bandwidth on demand" scenarios in the future.
*What* "known user identification"? Someone walks up to a machine
and starts typing. How is that person identified? Once identified,
how is the person authenticated? (That is, how does the person prove
they are who they say they are?) That's what passwords are for: prove
you have the secret that only you should have.
S/Key is a password utility.
> BTW, I found your comment RE "public access" a validation of my
> observations, as well. Kind'a like the european library model: only
> educated persons can read; ergo only university alumni should have access
> to the meaty stuff.
> Here at EXPRESSion, free access is just that. The only "constraint" is a
> signed AUP/COU agreement.
How do you verify that person who signed the AUP/COU is the person at
the keyboard?
> That said, I worry about issues of privacy and security - in that order.
> (If you solve the former, you have solved most issues of the latter)
Me, too. Can I trust an S/Key calculator installed by someone else?
Can I know that it is not recording my password, for later retrieval
by the person who installed the calculator? (I would guess this is
the reason behind requiring re-initialising S/Key after using a
web-based calculator.)
Gelinas.
--------------------------------------
Joseph L. Gelinas
Gelinas@umich.edu
http://www-personal.umich.edu/~gelinas
--------------------------------------
|
