On Tue, Mar 8, 2016 at 10:24 PM, Kathees Rajendram <kath...@wso2.com> wrote:
> +1 for common module for TOTP and HOTP algorithms. > > IMO can we rename TOTP authenticator to Google Authenticator. > Isn't that misleading...? > SMS OTP, Email OTP and Google Authenticator can have the options TOTP and > HOTP. > > Thanks, > Kahees > > On Tue, Mar 8, 2016 at 7:51 PM, Malaka Silva <mal...@wso2.com> wrote: > >> +1 for separating common modules. >> >> However IMO these needs to go as two different authenticators since >> it provides two distinct methods to authenticate. >> >> +architecture >> >> ---------- Forwarded message ---------- >> From: Rajj >> common mod >> az Mohammed <raj...@wso2.com> >> Date: Tue, Mar 8, 2016 at 6:56 PM >> Subject: OATH Authenticators for IS >> To: Malaka Silva <mal...@wso2.com>, Rohan Perera <ro...@wso2.com> >> Cc: Kathees Rajendram <kath...@wso2.com>, Elilmatha Sivanesan < >> elilma...@wso2.com>, Keerthika Mahendralingam <keerth...@wso2.com>, >> Shakila Sivagnanarajah <shak...@wso2.com> >> >> >> Hi All, >> We already have SMS OTP , Email OTP and TOTP all are using hash-based >> message authentication code >> <https://en.wikipedia.org/wiki/Hash-based_message_authentication_code> >> (HMAC) algorithm. OATH provides 2 types of authentication methods[1] >> TOTP[2] and HOTP[3]. >> >> OTP relies on two basic things, a shared secret and a moving factor. for >> TOTP moving factor will be a timestamp[2] and for HOTP that moving factor >> will be a counter[3]. >> But according to the list[4] given by IS Team we are developing separate >> authenticators. can't we create common modules for these OATH[1] >> authenticators? >> >> WDYT? >> >> >> [1] https://openauthentication.org/specifications-technical-resources/ >> [2] https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm >> [3] https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm >> [4] >> https://docs.google.com/spreadsheets/d/1WhAc2yXg9SJ_fAFQYKwetbmP09m5TWEvRGLp04a0dO8/edit#gid=2089406928 >> >> >> >> -- >> Thank you >> Best Regards >> >> *Rajjaz HM* >> Associate Software Engineer >> Platform Extension Team >> WSO2 Inc. <http://wso2.com/> >> lean | enterprise | middleware >> Mobile | +94752833834|+94777226874 >> Email | raj...@wso2.com >> LinkedIn | Blogger | WSO2 Profile >> <http://wso2.com/about/team/mohammer_rajjaz/> >> >> >> >> -- >> >> Best Regards, >> >> Malaka Silva >> Senior Tech Lead >> M: +94 777 219 791 >> Tel : 94 11 214 5345 >> Fax :94 11 2145300 >> Skype : malaka.sampath.silva >> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 >> Blog : http://mrmalakasilva.blogspot.com/ >> >> WSO2, Inc. >> lean . enterprise . middleware >> http://www.wso2.com/ >> http://www.wso2.com/about/team/malaka-silva/ >> <http://wso2.com/about/team/malaka-silva/> >> https://store.wso2.com/store/ >> >> Save a tree -Conserve nature & Save the world for your future. Print this >> email only if it is absolutely necessary. >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Kathees > Software Engineer, > email: kath...@wso2.com > mobile: +94772596173 > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
