Le ven 22/11/2002 à 05:41, Brian May a écrit : > > A secure way to handle this would be a challenge/response > > authentification, or a system similar to SSH's one-time passwords. > > No, I think it is an inherent problem with using E-Mail for such things. > > As long as E-Mail is used, the possibility exists that the E-Mail will > get delayed. > > If the E-Mail gets delayed it is not possible to cancel it, it has > already been sent. That's why I suggest using either a challenge/response authentification (if the mail is lost, you have to ask for a new challenge and the previous mail won't be accepted if it is delayed), or one-time passwords (every time you use a OTP, all previous passwords are revoked). -- .''`. Josselin Mouette /\./\ : :' : josselin.mouette@ens-lyon.org `. `' joss@debian.org `- Debian GNU/Linux -- The power of freedom
Attachment:
signature.asc
Description: PGP signature