On Fri, Feb 26, 2010 at 12:38:32PM +0800, Dustin Kirkland wrote: > > Exactly. Does such an infrastructure exist? Or maybe I can start to > > write one. > > No, none exists yet. Let's discuss it a bit more, make sure we agree > on a design. I'd also like to get Tyler's opinion on it.
Yeah, sure. > The functions that deal with the wrapped-passphrase file are > relatively few. We could support a glob-type interface reasonably > easily. I'm just not sure of the security of doing so. I guess we'd > need to know a little more about the use case, if possible. I'm exploring alternative ways for authenticating a user. For example: 1. two people share a single encrypted directory but don't want to share their passwords with each other 2. the user may want to use either a smart card or a password to login > > BTW, does this has anything to do with PKCS#11 support? > > Hmm, not that I know of. It's more of a token interface. Like a > fingerprint reader that produces an authentication token. -- Best regards, Li, Yan Moblin Team, Opensource Technology Center, SSG, Intel Office tel.: +86-10-82171695 (inet: 8-758-1695) OpenPGP key: 5C6C31EF IRC: yanli on network irc.freenode.net _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs-users Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs-users More help : https://help.launchpad.net/ListHelp
