Re: USB Tokens
From: Remo Inverardi (invi@your.toilet.ch)
Date: 03/25/03
- Previous message: defaillance@hushmail.com: "Re: SMB Brute Force"
- In reply to: Justin Derry: "USB Tokens"
- Next in thread: Justin Derry: "Re: USB Tokens"
- Reply: Justin Derry: "Re: USB Tokens"
- Reply: Alan J. Raveling: "Re: USB Tokens"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Mar 2003 19:46:45 +0100 From: Remo Inverardi <invi@your.toilet.ch> To: Justin Derry <jderry@bordertechnologies.com>
Justin,
> Thoughts?
It's not the certificate that gives you security. It's the private key,
which has to be kept secret somewhere.
Smartcards (like the Aladdin eToken you mentioned), store the private
key in a safe place, which is not readable from the outside. Once you
authenticated yourself with the smartcard, which is normally done by
sending it your PIN, the smartcard can perform private key operations
for you (which is why it's called "smart"-card).
If you think about it, your approach does not give you more security
than simply storing your NT domain password on your USB token.
Regards, Remo
----------------------------------------------------------------------
Get serious about enterprise anti-spam management.
SurfControl E-mail Filter for SMTP & Exchange
leverages multiple layers of technology to defeat
spam with accuracy. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfmsl1
- Previous message: defaillance@hushmail.com: "Re: SMB Brute Force"
- In reply to: Justin Derry: "USB Tokens"
- Next in thread: Justin Derry: "Re: USB Tokens"
- Reply: Justin Derry: "Re: USB Tokens"
- Reply: Alan J. Raveling: "Re: USB Tokens"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
