>
> +1. What functionality does this new mechanism add?
>
> Tunnelblick implements 2FA through the management interface using the
> existing static and dynamic challenge-response mechanism. For a
> dynamic challenge, for example. Tunnelblick gets a response from the user in
> a popup window or
> I haven't looked at the patches, but a quick question. I haven't come across
> any
> 2FA mechanisms that cannot be handled (in principle) by the current static an
> dynamic CR in OpenVPN. Except that some dynamic CR (e.g, U2F) will require
> the possibility to transmit larger messages than
Hi,
On Thu, Jun 13, 2019 at 2:35 PM Selva Nair wrote:
>
> Hi
>
> On Thu, Jun 13, 2019 at 10:42 AM Arne Schwabe wrote:
> >
> > These patches mainly implement forwarding passing/forwarding extra
> > messages between management interface on server and client side.
> >
> > These new extra messages
Hi
On Thu, Jun 13, 2019 at 10:42 AM Arne Schwabe wrote:
>
> These patches mainly implement forwarding passing/forwarding extra
> messages between management interface on server and client side.
>
> These new extra messages can be used to implement a two step
> authentication like TOTP (Google
These patches mainly implement forwarding passing/forwarding extra
messages between management interface on server and client side.
These new extra messages can be used to implement a two step
authentication like TOTP (Google Authenticator) or web based
out of band (like SAML).
Since this