On Tue, 2015-05-19 at 22:30 +0200, Simon Josefsson wrote: > Can you tell me more how you would use this? I'm not exactly sure how > you could generalize OTP-generation in a library that still makes > sense to an application.
The main use case I have in mind is my VPN client. The server may require OATH tokens to authenticate. Those *could* be in a hardware device, they could be in a PSKC file, they could be in Pledge or something else. My code just detects when the 'password' prompt is actually looking for an OTP token (by various heuristics according to the VPN protocol in use at the time), and invokes the appropriate back end to generate it. The back end is specified by the user, of course. I guess there could be a bunch of similar use cases where client authentication can be automated by OATH token generation. I certainly wasn't expecting to have to write PC/SC code for myself :) -- dwmw2
