[863] in Kerberos
Re: Authentication vulnerabilities
daemon@ATHENA.MIT.EDU (Jerry Carlin)
Tue Dec 26 19:51:02 1989
From: pacbell!ptsfa!jmc@AMES.ARC.NASA.GOV (Jerry Carlin)
To: kerberos@ATHENA.MIT.EDU
In article <8912261743.AA02542@decwrl.dec.com> miller@ERLANG.ENET.DEC.COM (Steve Miller) writes:
>p.s. Tools such as smart cards with PINs are better, but still imperfect
>since they may be intentionally shared or shared under duress -- e.g.
>people have been mugged and forced to obtain money from their cash machines.
At least one smart card system that I know has a 'duress' PIN that is to
be used specifically in duress situations so that the system can take
action under those circumstances.
--
Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc
To dream the impossible dream. To fight the unbeatable foe.
