Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NetSec: Improve multi-party authentication option #25

Open
tomrittervg opened this issue Aug 30, 2017 · 0 comments
Open

NetSec: Improve multi-party authentication option #25

tomrittervg opened this issue Aug 30, 2017 · 0 comments
Assignees
@clintwilson

Comments

@tomrittervg
Copy link

@sleevi and @rmhrisk (I believe) both raised the point that when multi-party authentication is used, it should be able to be bypassed by an attacker compromising one authentication infrastructure (for example, the LDAP server) or directly harvesting two user passwords.

Can we state that when single-factor multi-party is in use, it is limited to hardware based authentication mechanisms?
@barrini barrini transferred this issue from cabforum/servercert May 9, 2023
@clintwilson clintwilson self-assigned this Jan 30, 2024
clintwilson pushed a commit that referenced this issue Jan 30, 2024
Address issues #24 and #25
d120779 
Add minor changes to Definitions and 1.1.1.1 to address these long-open issues.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@clintwilson clintwilson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tomrittervg @clintwilson