[Freeipa-devel] Planning FreeIPA 4.0 GA
Alexander Bokovoy
abokovoy at redhat.com
Fri Jun 27 16:57:06 UTC 2014
On Fri, 27 Jun 2014, Alexander Bokovoy wrote:
>On Fri, 27 Jun 2014, Martin Kosek wrote:
>>Hello team,
>>
>>As we are about to very soon release the FreeIPA 4.0, I triaged all the pending
>>tickets and divided them to following milestones:
>>
>>1) FreeIPA 4.0 GA - last work that is required for the release. When this
>>milestone is completed, we will release. All tickets in this milestone are thus
>>the top priority for people working on 4.0 - this applies both for development
>>and for reviews.
>Endi found that with TOTP we don't yet enforce a requirement to prevent
>reuse of OTP code multiple times within the same time step (you are able
>to login with TOTP and reuse it for password change within 30 seconds,
>for example). RFC3268 part 5.2 clearly says that the verifier MUST NOT
>allow this behavior.
Err, RFC 6238, of course. http://tools.ietf.org/html/rfc6238#section-5.2
I'm off for weekend. :)
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list