Hosting Provided By

Re: USB Tokens

From: Remo Inverardi <invi(at)your.toilet.ch>
Date: Tue Mar 25 2003 - 13:46:45 EST

Justin,

> Thoughts?

It's not the certificate that gives you security. It's the private key, which has to be kept secret somewhere.

Smartcards (like the Aladdin eToken you mentioned), store the private key in a safe place, which is not readable from the outside. Once you authenticated yourself with the smartcard, which is normally done by sending it your PIN, the smartcard can perform private key operations for you (which is why it's called "smart"-card).

If you think about it, your approach does not give you more security than simply storing your NT domain password on your USB token.

Regards, Remo

Get serious about enterprise anti-spam management. SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers of technology to defeat spam with accuracy. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfmsl1 Received on Wed Mar 26 14:20:14 2003

This message: [ Message body ]
Next message: Robert Tillman: "RE: USB Tokens"
Previous message: Kurt: "RE: SMB Brute Force"
In reply to: Justin Derry: "USB Tokens"
Next in thread: Alan J. Raveling: "Re: USB Tokens"
Reply: Alan J. Raveling: "Re: USB Tokens"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:28 EDT

Do you need help?