So would it be fair say this is sort of like using a smartcard in that you need both possession of the token and knowledge of a PIN? And that the KDC guards the PIN against brute force guessing, because each guess requires a transaction against the KDC? So stealing the token gets the attacker nothing?
- Re: One Time Identification, a request for comments/test... Jim Rees
- Re: One Time Identification, a request for comments... Jeffrey Hutzelman
- Re: One Time Identification, a request for comm... John Rudd
- Re: One Time Identification, a request for ... Nicolas Williams
- Re: One Time Identification, a request for ... Douglas E. Engert
- Re: One Time Identification, a request for comments... g . w
- Re: One Time Identification, a request for comm... Jeffrey Hutzelman
- Re: One Time Identification, a request for comm... Peter Iannarelli
- Re: One Time Identification, a request for comments... g . w
- Re: One Time Identification, a request for comments... g . w
- Re: One Time Identification, a request for comments... g . w
