	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Accessing secure sites

To: Wesley D Craig <wes@xxxxxxxxx>
Subject: Re: Accessing secure sites
From: Keith Farvis <K.Farvis@xxxxxxxx>
Date: Thu, 29 Jul 2004 09:53:29 +0100 (BST)
Cc: cosign-discuss@xxxxxxxxx
In-reply-to: <12B8C92D-E0B4-11D8-BE39-000A95A0453E@umich.edu>
References: <Pine.LNX.4.58.0407281209590.5024@taurus.ucs.ed.ac.uk> <12B8C92D-E0B4-11D8-BE39-000A95A0453E@umich.edu>

Wes
These sound just what we need.  Next question, what is your timescale 
for implementing these?
  Keith

On Wed, 28 Jul 2004, Wesley D Craig wrote:

> On 28 Jul 2004, at 07:12, Keith Farvis wrote:
> > Do you have any similar requirements in Michigan and if so, how have
> > you addressed them?
> 
> Very.  So far, two cases have been brought to our attention.  First is 
> similar to the one you describe.  Our plan is to add a cosign server 
> option to indicate that a site requires a password for each 
> registration event.  This allows the site to dictate a local idle 
> timeout.  Correspondingly, it will allow sites that don't care as much 
> to have very large idle timeouts, without negatively impacting the 
> security of these re-register sites.
> 
> The second case, brought by our finance people, is for multi-factor 
> authentication.
> 
> :wes
> 

--
Keith Farvis
Manager of Unix and Facilities Management Team
Edinburgh University Computing Services

References:
- Accessing secure sites
  - From: Keith Farvis
- Re: Accessing secure sites
  - From: Wesley D Craig

Prev by Date: FW: [win2000] IISCosign and Windows 2003/IIS 6.0.
Next by Date: Re: replication
Previous by thread: Re: Accessing secure sites
Next by thread: FW: [win2000] IISCosign and Windows 2003/IIS 6.0.
Index(es):
- Date
- Thread