[Soc-coordination] Status Report Week 8, Extending oath-toolkit and dynalogin to provide CROTP/OCRA
Fabian Grünbichler
fabian.gruenbichler at tuwien.ac.at
Sat Aug 10 08:37:53 UTC 2013
Hello,
this week was kind of slow(er than expected) because I didn't find
enough time between returning from one trip and preparing for the next one.
*Things finished this week*
.)Two-way authentication implementation for dynalogin
.)Bug-fixing
The OCRA protocol for dynalogin now looks like this:
one-way:
client sends
CHALL OCRA ONE <user>
server responds with
250 CHALL <challenge>
client computes OCRA code based on challenge
client sends
UDATA OCRA <user> <code>
server validates code and sends reponse accordingly (i.e., authorized,
denied, error)
two-way:
client sends
CHALL OCRA TWO <user> <server challenge>
server computes server code, responds with
250 CHALL <server code> <client challenge>
client computes client code based on server and client challenge and
responds with
UDATA OCRA <user> <code>
server validates code based on server and client challenge and responds
accordingly
I still need to test datasources other than the example one more
extensively. libdynaloginclient now contains new API functions that
implement this protocol.
*Things started this week*
.)dynalogin PAM module OCRA support*
.)preparation for DebConf talk
*Plans for next week*
DebConf :)
I will try to make up for the delay this weekend - as always you can
find my code on github:
https://github.com/Fabian-Gruenbichler/dynalogin/tree/ocra
Kind regards and see (some of) you at DebConf!
Fabian
More information about the Soc-coordination
mailing list