[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Groups - OTP Token Consolidated Input Submission (wss-v1 1-spec-os-OTPTokenProfile.pdf) uploaded
It’s also possible to demonstrate
interoperability on a pairwise basis, using any underlying method for which claimant
and verifier sides share common support. I don’t think it’s
necessary for any one method to be supported universally. Note also: it’s
possible that a WSS endpoint receiving a WSS/OTP request can and will itself be
largely method-independent; rather than validating the OTP value itself, it may
instead dispatch it to a separate authentication server where users’ OTP
credentials would be stored and any method-specific validation would be
performed. --jl From: Anthony Nadalin
[mailto:drsecure@us.ibm.com] I would think that there should be some OTP algorithm (and identifiers) that
could be agreed upon so that there could be some level of interop
From: Anthony Nadalin [mailto:drsecure@us.ibm.com] Line
133-138 reference a registered trade mark, seems that there are implications of
this in a specification, I'm not sure of the reason why it is referenced. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]