Re: [kitten] SPAKE Preauth

Nathaniel McCallum <npmccallum@redhat.com> Fri, 01 May 2015 21:24 UTC

Return-Path: <npmccallum@redhat.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD38B1B2E4B for <kitten@ietfa.amsl.com>; Fri, 1 May 2015 14:24:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.911
X-Spam-Level:
X-Spam-Status: No, score=-5.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mUgvm0t1CnhK for <kitten@ietfa.amsl.com>; Fri, 1 May 2015 14:24:06 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3502E1A00EF for <kitten@ietf.org>; Fri, 1 May 2015 14:24:06 -0700 (PDT)
Received: from int-mx14.intmail.prod.int.phx2.redhat.com (int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27]) by mx1.redhat.com (Postfix) with ESMTPS id E61CC3C227; Fri, 1 May 2015 21:24:05 +0000 (UTC)
Received: from vpn-58-124.rdu2.redhat.com (vpn-58-124.rdu2.redhat.com [10.10.58.124]) by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t41LO4fD023108 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 1 May 2015 17:24:05 -0400
Message-ID: <1430515444.2514.14.camel@redhat.com>
From: Nathaniel McCallum <npmccallum@redhat.com>
To: Nico Williams <nico@cryptonector.com>
Date: Fri, 01 May 2015 17:24:04 -0400
In-Reply-To: <20150501212003.GB10065@localhost>
References: <1430138754.2682.10.camel@redhat.com> <20150501212003.GB10065@localhost>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/tlWY5sIiSca_JcQgDokdDd6OPy0>
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] SPAKE Preauth
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2015 21:24:07 -0000

On Fri, 2015-05-01 at 16:20 -0500, Nico Williams wrote:
> There should be a generic OTP 2nd factor type for user-input OTPs.
> 
> There should also be a generic OTP 2nd factor for plug-in/NFC-type 
> OTPs.
> 
> For a generic OTP 2nd factor for user-input OTPs the 'data' in the
> AS->client second pass should be a UTF8String, or just UTF-8.
> 
> It's important to define such generic OTP 2nd factors because they 
> are
> quite popular.

I plan to create separate standards for OATH and U2F.

Nathaniel