-----BEGIN PGP SIGNED MESSAGE-----
The reasons I decided to go with C/R cards rather then time sync include
the following.
1. clock drift
2. I found enough users were taking a while to type in the ID then getting
frustrated when it changed on them as they hit enter that the
inconvienience of C/R didn't bother them.
3. C/R cards (at least the ones I use) also have a PIN needed to unlock
them. This changes the security from "something you have" to "something
you have"+"something you know"
David Lang
On Fri, 23 Apr 1999, Vin McLellan wrote:
> Date: Fri, 23 Apr 1999 16:16:46 -0400
> From: Vin McLellan <[EMAIL PROTECTED]>
> To: Laris Benkis <[EMAIL PROTECTED]>,
"'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> Subject: Re: Looking for an authentication appliance
>
> At 09:09 AM 4/23/99 -0400, Laris Benkis wrote:
>
> >The device I am looking for is the equivalent of the Security Dynamics
> >ACM100 but I want challenge response, not time synch with cards that
> >eventually die.
>
> Just curiousity, but it is that you don't like time-synch
> authentication for some practical or philosophical reason? Great and
> rewarding experiences managing a site which uses one of the C/R calculators?
>
"If users are made to understand that the system administrator's job is to
make computers run, and not to make them happy, they can, in fact, be made
happy most of the time. If users are allowed to believe that the system
administrator's job is to make them happy, they can, in fact, never be made
happy."
- -Paul Evans (as quoted by Barb Dijker in "Managing Support Staff", LISA '97)
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBNyDiFj7msCGEppcbAQHCbwgAleYyDiCPlaUuU/oEe58pvZVIj4qTUhHR
h6ddob6UjqaQU/8b4VKnvPn3cNeH6y/aboi9/Mu0R1FGJfUHDrkj25etdbJf1hZO
scgE0L0T2eT8e5eIy5S0CQLGNYSZxetHx/F704eIGHJAhCI+ikbkzJLLM/gjNluQ
OUyIRrvdGWUO3KqRVCoytE1A66h6Xv3g3QS0PIKvj1Jffk8XVTAvgEJsz6TSiUDS
cvmcbf5PCQVkdlsw7YJui6wFb5FmpM50MAN8NYfjhblzv2cJVeY1iRE+3Rvcbo/V
NqSbmBmI/9jnJ+IVNAy1Ic35Ui+Kli9LOIiD/GEp0nMNf70PAX0K/w==
=waF/
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
