Hi All, Kind reminder on this topic. @Prabath/Johan shall we create a common module for TOTP and HOTP? Algorithm based common module will reduce the codes and we can use for multiple vendors, currently SMSOTP developed based on Nexmo API[1] but there are multiple options available for send SMS. so if we create common module then we can easily add for other vendor also and we can add option to select the algorithm.
[1] https://dashboard.nexmo.com <https://dashboard.nexmo.com/sign-up> On Fri, Mar 11, 2016 at 11:46 AM, Kathees Rajendram <[email protected]> wrote: > Hi, > > We can have the authenticators either algorithm based or medium based as > we discussed in the meeting. Google authenticator also supports TOTP and > HOTP [1]. > > Algorithm based authenticators (TOTP and HOTP) > > TOTP > - Email > - SMS > - Google > HOTP > - Email > - SMS > - Google > > Based on the algorithm, we will have the authenticator TOTP and HOTP > authenticators. Both authenticators will have the mediums Email, SMS and > google app to send the token. > > Medium based Authenticators (Email OTP, SMS OTP and Google) > > Email > - TOTP > - HOTP > SMS > - TOTP > - HOTP > Google > - TOTP > - HOTP > > Based on the medium, we will have the authenticators Email OTP, SMS OTP > and Google. Three authenticators will have the options TOTP and HOTP > algorithm to generate the token. > > [1] - https://github.com/google/google-authenticator > > @Prabath > WDYT? > > Thanks, > Kathee > > On Fri, Mar 11, 2016 at 9:32 AM, Keerthika Mahendralingam < > [email protected]> wrote: > >> Yes, IMO we can't rename TOTP as Google authenticator. Because TOTP will >> provide the facility to use the Google authenticator to get the token and >> validate the user. But it can be also used to authenticate the user like >> SMSOTP and emailOTP. >> >> >> Thanks, >> >> On Thu, Mar 10, 2016 at 7:34 PM, Prabath Siriwardana <[email protected]> >> wrote: >> >>> >>> >>> On Tue, Mar 8, 2016 at 10:24 PM, Kathees Rajendram <[email protected]> >>> wrote: >>> >>>> +1 for common module for TOTP and HOTP algorithms. >>>> >>>> IMO can we rename TOTP authenticator to Google Authenticator. >>>> >>> >>> Isn't that misleading...? >>> >>> >>>> SMS OTP, Email OTP and Google Authenticator can have the options TOTP >>>> and HOTP. >>>> >>>> Thanks, >>>> Kahees >>>> >>>> On Tue, Mar 8, 2016 at 7:51 PM, Malaka Silva <[email protected]> wrote: >>>> >>>>> +1 for separating common modules. >>>>> >>>>> However IMO these needs to go as two different authenticators since >>>>> it provides two distinct methods to authenticate. >>>>> >>>>> +architecture >>>>> >>>>> ---------- Forwarded message ---------- >>>>> From: Rajj >>>>> common mod >>>>> az Mohammed <[email protected]> >>>>> Date: Tue, Mar 8, 2016 at 6:56 PM >>>>> Subject: OATH Authenticators for IS >>>>> To: Malaka Silva <[email protected]>, Rohan Perera <[email protected]> >>>>> Cc: Kathees Rajendram <[email protected]>, Elilmatha Sivanesan < >>>>> [email protected]>, Keerthika Mahendralingam <[email protected]>, >>>>> Shakila Sivagnanarajah <[email protected]> >>>>> >>>>> >>>>> Hi All, >>>>> We already have SMS OTP , Email OTP and TOTP all are using hash-based >>>>> message authentication code >>>>> <https://en.wikipedia.org/wiki/Hash-based_message_authentication_code> >>>>> (HMAC) algorithm. OATH provides 2 types of authentication methods[1] >>>>> TOTP[2] and HOTP[3]. >>>>> >>>>> OTP relies on two basic things, a shared secret and a moving factor. >>>>> for TOTP moving factor will be a timestamp[2] and for HOTP that moving >>>>> factor will be a counter[3]. >>>>> But according to the list[4] given by IS Team we are developing >>>>> separate authenticators. can't we create common modules for these >>>>> OATH[1] authenticators? >>>>> >>>>> WDYT? >>>>> >>>>> >>>>> [1] https://openauthentication.org/specifications-technical-resources/ >>>>> [2] >>>>> https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm >>>>> [3] >>>>> https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm >>>>> [4] >>>>> https://docs.google.com/spreadsheets/d/1WhAc2yXg9SJ_fAFQYKwetbmP09m5TWEvRGLp04a0dO8/edit#gid=2089406928 >>>>> >>>>> >>>>> >>>>> -- >>>>> Thank you >>>>> Best Regards >>>>> >>>>> *Rajjaz HM* >>>>> Associate Software Engineer >>>>> Platform Extension Team >>>>> WSO2 Inc. <http://wso2.com/> >>>>> lean | enterprise | middleware >>>>> Mobile | +94752833834|+94777226874 >>>>> Email | [email protected] >>>>> LinkedIn | Blogger | WSO2 Profile >>>>> <http://wso2.com/about/team/mohammer_rajjaz/> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Best Regards, >>>>> >>>>> Malaka Silva >>>>> Senior Tech Lead >>>>> M: +94 777 219 791 >>>>> Tel : 94 11 214 5345 >>>>> Fax :94 11 2145300 >>>>> Skype : malaka.sampath.silva >>>>> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 >>>>> Blog : http://mrmalakasilva.blogspot.com/ >>>>> >>>>> WSO2, Inc. >>>>> lean . enterprise . middleware >>>>> http://www.wso2.com/ >>>>> http://www.wso2.com/about/team/malaka-silva/ >>>>> <http://wso2.com/about/team/malaka-silva/> >>>>> https://store.wso2.com/store/ >>>>> >>>>> Save a tree -Conserve nature & Save the world for your future. Print >>>>> this email only if it is absolutely necessary. >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> Kathees >>>> Software Engineer, >>>> email: [email protected] >>>> mobile: +94772596173 >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> Prabath >>> >>> Twitter : @prabath >>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >>> >>> Mobile : +1 650 625 7950 >>> >>> http://blog.facilelogin.com >>> http://blog.api-security.org >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> <[email protected]> >> Keerthika Mahendralingam >> Associate Software Engineer >> Mobile :+94 (0) 776 121144 >> [email protected] >> WSO2, Inc. >> lean . enterprise . middleware >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Kathees > Software Engineer, > email: [email protected] > mobile: +94772596173 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thank you Best Regards *Rajjaz HM* Associate Software Engineer Platform Extension Team WSO2 Inc. <http://wso2.com/> lean | enterprise | middleware Mobile | +94752833834|+94777226874 Email | [email protected] LinkedIn | Blogger | WSO2 Profile <http://wso2.com/about/team/mohammer_rajjaz/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
