[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian two-factor auth, GSoC?

On Thu, Apr 11, 2013 at 09:25:02PM +0200, Tollef Fog Heen wrote:
> ]] Luca Filipozzi 
> > I can help with a GSoC but I think DSA would prefer to lean in the direction of
> > the above.
> I'm also happy to help with it.  I have a bit of experience with the
> yubikey tokens, and at least one of the upstreams is on the path to
> DDship, so I think we're reasonably well covered there.
> > Finally, if we are going to require DDs to have a physical object, I'm more in
> > favour of an OpenPGP token than an OTP token.  The OpenPGP token could then
> > power gpg (yes, Luca, we get that :) ) and act as an ssh-agent.  Couple that
> > with OTP, and we have quite strong overall solution, I think.
> The Yubikey neo can run the java applet thingies, it seems, so it can
> act as a GPG token too.

Completely unrelated to it's GSoC-eyness (which I would love to see,
quick, put it on the ideas page and put interested parties as mentors!),
I really hate the idea of "loosing" an unencrypted copy of my GPG
private half. I misplace everything, I don't need someone finding a copy
of my GPG key and abusing it :)


 .''`.  Paul Tagliamonte <paultag@debian.org>
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `-     http://people.debian.org/~paultag

Attachment: signature.asc
Description: Digital signature

Reply to: