Hugh, is there any indication if this will be changed to stop replay attacks on totp?
Thanks

Matthew Reeves-Hairs MBCS
(CCNA, CCNP, CCDA)
Director

Willow ICT Limited
13 Willow Close
Great Hormead
Hertfordshire, SG9 0NW
Mobile: +44 (0)7912 202627
Fax: +44 (0)7092 361501
[email protected]
http://www.willowict.com

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company in any contract or obligation, unless we have specifically agreed to be bound.

Sent from my iPad

On 20 Sep 2010, at 15:55, Matthew Reeves-Hairs <[email protected]> wrote:

> Hugh,
> Can you say if you will be adopting the newer standard as published on the
> oath web site?
>
> Regards
>
> Matthew Reeves-Hairs MBCS
>
> On 20 Sep 2010, at 09:22, Hugh Irvine <[email protected]> wrote:
>
>> Hello Matthew -
>>
>> The current implementation conforms to draft-mraihi-totp-timebased-06.txt,
>> which has nothing to say about replay attacks (though perhaps it should).
>>
>> regards
>>
>> Hugh
>>
>> On 18 Sep 2010, at 23:12, Matthew Reeves-Hairs wrote:
>>
>>> Hi,
>>> I have noticed that with TOTP even with the TimeStep set to 0 it is still
>>> possible to use the same otp more than once, is this correct?
>>>
>>> Most time based OTP systems I've used reject the otp if it has already been
>>> used and you have to wait for the next time window.
>>>
>>> Hugh, can you comment on this.
>>>
>>> Regards
>>>
>>> Matthew Reeves-Hairs MBCS
>>>
>>> _______________________________________________
>>> radiator mailing list
>>> [email protected]
>>> http://www.open.com.au/mailman/listinfo/radiator
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive
>> (www.open.com.au/archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
