On 18/10/11 16:23, Stephen Gallagher wrote: > On Tue, 2011-10-18 at 08:19 -0400, Stephen Gallagher wrote: >> On Tue, 2011-10-18 at 00:27 -0400, seth vidal wrote: >>> On Mon, 2011-10-17 at 22:50 +0100, Tristan Santore wrote: >>>> On 17/10/11 22:11, seth vidal wrote: >>>>> The biggest problems with the yubikeys is: >> >> It might be of interest to this mailing list to be made aware of some >> work being done jointly between the SSSD, FreeIPA, MIT Kerberos and >> Yubico development teams. >> >> The plan is for SSSD and FreeIPA to support (via extensions made to MIT >> Kerberos) Yubikey as a mechanism for acquiring a Kerberos TGT from >> FreeIPA. We have a proof-of-concept already available (demonstrated at >> this past Red Hat Summit) and work is ongoing on this. >> >> It might be worth revisiting the discussion about a potential FAS3 built >> atop the upcoming FreeIPA v3 (which will have this support). >> _______________________________________________ >> infrastructure mailing list >> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/infrastructure > > > Replying to myself: > I want to draw attention to the https://fedorahosted.org/AuthHub/ > project and diagrams there. > > We're planning to support multiple pluggable OTP methods, which would > make it possible to A) roll it out gradually and B) make it possible to > select which approach works better for a particular contributor (e.g. > Yubikey vs. smartphone app). > > I'd like to suggest that Fedora Infrastructure become involved in the > AuthHub project directly and help guide this effort. > > > > _______________________________________________ > infrastructure mailing list > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure Stephen, please refrain from reading my mind, before I hit the send button. Haha. And thanks for the link. Regards, Tristan -- Tristan Santore BSc MBCS TS4523-RIPE Network and Infrastructure Operations InterNexusConnect Mobile +44-78-55069812 Tristan.Santore@xxxxxxxxxxxxxxxxxxxxx Former Thawte Notary (Please note: Thawte has closed its WoT programme down, and I am therefore no longer able to accredit trust) For Fedora related issues, please email me at: TSantore@xxxxxxxxxxxxxxxxx _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
