	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Accessing secure sites

To: K.Farvis@xxxxxxxx
Subject: Re: Accessing secure sites
From: Wesley D Craig <wes@xxxxxxxxx>
Date: Wed, 28 Jul 2004 12:35:02 -0400
Cc: cosign-discuss@xxxxxxxxx
In-reply-to: <Pine.LNX.4.58.0407281209590.5024@taurus.ucs.ed.ac.uk>
References: <Pine.LNX.4.58.0407281209590.5024@taurus.ucs.ed.ac.uk>

On 28 Jul 2004, at 07:12, Keith Farvis wrote:

Do you have any similar requirements in Michigan and if so, how have
you addressed them?

Very. So far, two cases have been brought to our attention. First is similar to the one you describe. Our plan is to add a cosign server option to indicate that a site requires a password for each registration event. This allows the site to dictate a local idle timeout. Correspondingly, it will allow sites that don't care as much to have very large idle timeouts, without negatively impacting the security of these re-register sites.

The second case, brought by our finance people, is for multi-factor authentication.

:wes

Follow-Ups:
- Re: Accessing secure sites
  - From: Keith Farvis

References:
- Accessing secure sites
  - From: Keith Farvis

Prev by Date: Re: replication
Next by Date: Re: replication
Previous by thread: Accessing secure sites
Next by thread: Re: Accessing secure sites
Index(es):
- Date
- Thread