Re: Use of tokens for access to Debian resources?

To: debian-project@lists.debian.org
Subject: Re: Use of tokens for access to Debian resources?
From: Adrian von Bidder <avbidder@fortytwo.ch>
Date: Sun, 12 Nov 2006 12:50:06 +0100
Message-id: <[🔎] 200611121250.11526.avbidder@fortytwo.ch>
In-reply-to: <[🔎] 20061111055453.GA17822@daedalus.andrew.net.au>
References: <[🔎] 20061111055453.GA17822@daedalus.andrew.net.au>

On Saturday 11 November 2006 06:54, Andrew Pollock wrote:
> I'm inclined to agree with Russell Coker[1], in that Debian should use
> something like RSA tokens to control access to Debian resources.

Please not.

Why?  Not because they ain't secure (I do believe that they are quite a good 
idea from a security pov), but because of the way these tokens start to 
accumulate - and because of the work put on the DAM (or a new role as DAM 
helper): with 1000 developers, I'd say that a new token would have to be 
sent out about once per week because somebody has lost his token etc.

cheers
-- vbi

-- 
Einen Raucher zu küssen muß so ähnlich schmecken, wie an einem
Aschenbecher zu lecken.

Attachment: pgpsm6sL571o6.pgp
Description: PGP signature

Reply to:

References:
- Use of tokens for access to Debian resources?
  - From: Andrew Pollock <apollock@debian.org>

Prev by Date: Re: Note to "Did you already MOO today..."
Next by Date: Re: Use of tokens for access to Debian resources?
Previous by thread: Re: Use of tokens for access to Debian resources?
Next by thread: Re: Use of tokens for access to Debian resources?
Index(es):
- Date
- Thread