[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: authentication using gnupg/pgp keys?



thanks for the response!

morgan> I'm not aware of anyone working on this. It does sound like an
morgan> ideal use of binary prompts though.

how hard (or much work) do you think it would be to implement?  are
you aware of any module that could be used as a starting point?  for
that matter, is some pam-experienced person interested in writing such
a module?  :-)

also, there is an interesting ietf draft:

  http://www.ietf.org/internet-drafts/draft-moscaritolo-mione-pgpticket-03.txt

w/ the abstract:

  OpenPGP specifies message formats and certificate formats used for
  exchange of encrypted and/or authenticated objects. This document
  discusses methods of extending OpenPGP's message formats to support an
  authorization system. This system would use public key cryptography to
  authenticate a user to a server and establish the user's access
  permissions. The concept is that the user acquires a ticket signed by
  some issuer that specifies what they are entitled to do. That ticket
  is then submitted to a server. The server uses a challenge/response
  method to verify that the holder really has the matching private
  key. The server then allows the access specified.

does this seem like something that could be implemented as part of the
pam module as well?

sorry for so many questions.

morgan> sen_ml@eccosys.com wrote:
morgan> > 
morgan> > is anyone working on a module to allow authentication based on a
morgan> > challenge-response scheme using gnupg/pgp keys?
morgan> > 
morgan> > i didn't have any luck locating anything in the archives...



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []