<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
  <email>ulm@gentoo.org</email>
</maintainer>
<longdescription lang="en">
  From RFC2289:
  One form of attack on networked computing systems is eavesdropping on
  network connections to obtain authentication information such as the
  login IDs and passwords of legitimate users. Once this information is
  captured, it can be used at a later time to gain access to the system.
  One-time password systems are designed to counter this type of attack,
  called a "replay attack."

  The authentication system described in this document uses a secret
  pass-phrase to generate a sequence of one-time (single use) passwords.
  With this system, the user's secret pass-phrase never needs to cross the
  network at any time such as during authentication or during pass-phrase
  changes. Thus, it is not vulnerable to replay attacks. Added security
  is provided by the property that no secret information need be stored on
  any system, including the server being protected.

  The OTP system protects against external passive attacks against the
  authentication subsystem. It does not prevent a network eavesdropper from
  gaining access to private information and does not provide protection
  against either "social engineering" or active attacks.
</longdescription>
</pkgmetadata>