-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Paul D. Robertson [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 11, 2000 5:15 PM
>
> Both have their uses and are "better" for different scenerios.
> Tokens overall provide additional nonrepudiation because there can
> be only one and you're not relying on an insecure OS or commonly
> stolen laptop when compared to certificates. Certificates provide
> common Web authentication in that they can be used to auth
> directly with a Web server instead of authing then handing out a
> cookie because the second hit will replay the token number and
> after a few graphics load the token will be locked if you've set
> the server to be paranoid enough.
You also need to consider the management aspect. How many users will
be using it/them? What access (servers, vpns, applications) do you
want to authenticate? Can you use whichever mechanism you choose for
other authentication, now or later down the road? What life span do
you anticipate? Who will provide support for it? These are factors
that you need to include in your selection process.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBOb29Z0RKym0LjhFcEQIfwwCbBh/YNV1HflSEEzRSmdPPbLIkluQAoPhJ
SYqJSpQ7DbO+kgHX8jmGD4DU
=+Ap+
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
