On Mon, 11 Sep 2000, Steve Smith wrote:
> Does anyone know which is better?
The one with racing stripes!
Both have their uses and are "better" for different scenerios. Tokens
overall provide additional nonrepudiation because there can be only one
and you're not relying on an insecure OS or commonly stolen laptop when
compared to certificates. Certificates provide common Web authentication
in that they can be used to auth directly with a Web server instead of
authing then handing out a cookie because the second hit will replay the
token number and after a few graphics load the token will be locked if
you've set the server to be paranoid enough.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
