From owner-freebsd-hackers@FreeBSD.ORG Fri May 5 12:45:30 2006 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F322A16A40F for ; Fri, 5 May 2006 12:45:29 +0000 (UTC) (envelope-from fli+freebsd-hackers@shapeshifter.se) Received: from mx1.h3q.net (manticore.shapeshifter.se [212.37.5.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id AAE4143D68 for ; Fri, 5 May 2006 12:45:25 +0000 (GMT) (envelope-from fli+freebsd-hackers@shapeshifter.se) Received: from localhost (localhost [127.0.0.1]) by mx1.h3q.net (Postfix) with ESMTP id 4B8241A770; Fri, 5 May 2006 14:45:23 +0200 (CEST) Received: from mx1.h3q.net ([127.0.0.1]) by localhost (mx1.h3q.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 97930-01; Fri, 5 May 2006 14:45:22 +0200 (CEST) Received: from [10.0.0.50] (sto-nat.se.tangram-group.net [212.37.5.19]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.h3q.net (Postfix) with ESMTP id 448911A6B2; Fri, 5 May 2006 14:45:22 +0200 (CEST) Message-ID: <445B48E6.3070000@shapeshifter.se> Date: Fri, 05 May 2006 14:45:26 +0200 From: Fredrik Lindberg User-Agent: Thunderbird 1.5.0.2 (X11/20060423) MIME-Version: 1.0 To: aanton@spintech.ro References: <00fb01c66fb2$a8e157c0$0501010a@ironman> <445A5F48.60303@spintech.ro> <200605051009.49344.doconnor@gsoft.com.au> <445AF8AB.9080008@shapeshifter.se> <445B35EA.5080009@spintech.ro> In-Reply-To: <445B35EA.5080009@spintech.ro> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at h3q.net Cc: freebsd-hackers@freebsd.org, Cesar Subject: Re: Fingerprint Authentication X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 May 2006 12:45:30 -0000 Alin-Adrian Anton wrote: > Fredrik Lindberg wrote: > > > > > The only way as I see it (to even make it possible with UPEKs driver) > > is to have a reader at both the remote machine and the client machine > > and then capture a BioAPI record at the client machine and have the > server verify it. But that involves transferring the record in a secure > > way to the server. > > > > Or simply have a reader on client side, which if correctly > authentificated will issue public-key auth with the server, or sort of.. > :) Not really BioAPI auth, but it enables the user to do remote logins > by putting the finger on the reader.. > But that would sort of defeat the whole purpose of biometric authentication and you could really just use public keys instead which would be a lot faster and easier than scanning your finger at each login. :) Fredrik Lindberg