From owner-freebsd-security@FreeBSD.ORG  Mon Mar  2 03:21:05 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1CF211065673
	for <freebsd-security@freebsd.org>;
	Mon,  2 Mar 2009 03:21:05 +0000 (UTC)
	(envelope-from jahilliya@gmail.com)
Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.175])
	by mx1.freebsd.org (Postfix) with ESMTP id E6FA88FC27
	for <freebsd-security@freebsd.org>;
	Mon,  2 Mar 2009 03:21:04 +0000 (UTC)
	(envelope-from jahilliya@gmail.com)
Received: by wf-out-1314.google.com with SMTP id 27so2113597wfd.7
	for <freebsd-security@freebsd.org>;
	Sun, 01 Mar 2009 19:21:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:content-type
	:content-transfer-encoding;
	bh=wWvnSdeIMwLEi/2R8o8Y5WcDLGlpFifD9CrNAa12eNQ=;
	b=hx/O/xhEw0gAaaJRJ/mSIYpBKHutJIuQjERlK9XWzawQOTv/2+D/DtZ6OIo5xr7ssQ
	V/6tfjhkrfWMwmw+h9LaSdbDD6SythkJ5wu0Z3XvBa9s6/APuuHlcB7IpYtnVkV40gmp
	d0RO8lxmH/0cnK1Ytne41RNVJfdKGMeTfXG+A=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:content-type:content-transfer-encoding;
	b=t+4NaKg+EN/xODwka1bBii03qepg/O3rqZmFQwqlEg0OK7RsYWD+zDHow2i4ib8dD1
	woYYWChLdj+9deQz7OuysVboO0ZvQ7sCMbK5xaYQ6xmQrebOwH61DzBRyRg/nUc0W917
	c9ocHTVH2nMd/TFRircm/OfsoC9KnDO7lCQkU=
MIME-Version: 1.0
Received: by 10.142.76.15 with SMTP id y15mr2742769wfa.263.1235962398326; Sun, 
	01 Mar 2009 18:53:18 -0800 (PST)
In-Reply-To: <20090302021415.GU5602@noncombatant.org>
References: <20090302021415.GU5602@noncombatant.org>
Date: Mon, 2 Mar 2009 11:53:18 +0900
Message-ID: <ba5e78ea0903011853o5c7c6727j9c34e979994a48a0@mail.gmail.com>
From: Daniel Marsh <jahilliya@gmail.com>
To: Chris Palmer <chris@noncombatant.org>, freebsd-security@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Re: OPIE considered insecure
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Mar 2009 03:21:05 -0000

Because they are a clever bunch

On 3/2/09, Chris Palmer <chris@noncombatant.org> wrote:
> Rich Healey writes:
>
>> I'm thinking about implementing OPIE, but after reading this I'm not so
>> sure. What's consensus on the best approach to one time logins?
>
> Why are people logging into their remote servers from assumed-untrustworthy
> clients at all?
>
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>

-- 
Sent from my mobile device


http://buymeahouse.stiw.org/