Re: One Time Identification, a request for comments/testing.

[Jim Rees]

So would it be fair say this is sort of like using a smartcard in that you
need both possession of the token and knowledge of a PIN?  And that the KDC
guards the PIN against brute force guessing, because each guess requires a
transaction against the KDC?  So stealing the token gets the attacker
nothing?
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos