On Thursday, February 01, 2007 05:15:56 PM -0500 Jeffrey Hutzelman <[EMAIL PROTECTED]> wrote:
> > > On Thursday, February 01, 2007 03:06:21 PM -0600 [EMAIL PROTECTED] wrote: > >>> What keeps a user from copying the identity token from the USB >>> device to a local or shared file system to avoid having to insert >>> the USB device all the time? >> >> We were considering public flogging but were unsure if we could get it >> into an IETF draft. > > <wg chair hat on> > > Anyone can submit an internet-draft; just write up your proposal > according to <http://www.ietf.org/ietf/1id-guidelines.html> and send it > off to [EMAIL PROTECTED] > > You should then bring up your proposal on the Kerberos Working Group > mailing list, [EMAIL PROTECTED] We're beginning to move into the area > of preauthentication and improving the initial authentication exchange, > and while I can't guarantee that your proposal will be well-received, it > will certainly receive the same consideration as a number of others that > have recently been raised. > > <wg chair hat off> Of course, I should note that it's your OTI proposal that I'm suggesting you bring to the working group. The bit about public flogging should be written up separately and sent directly to [email protected], without prior publication as an I-D, per item 19 in the FAQ at <http://www.rfc-editor.org/rfcfaq.html> -- Jeff ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
