[aerogear-dev] AEROGEAR-686 - Security Roadmap updates
Bruno Oliveira
bruno at abstractj.org
Tue Dec 4 13:41:42 EST 2012
Tbh I believe that is just a matter of push the changes to aerogear.org, because the images are the same (https://github.com/aerogear/aerogear.org/commit/be8295d48e19f0c24725042c019cefd5bd4c4387).
Let me know if you have more questions on it.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Tuesday, December 4, 2012 at 4:39 PM, Deepali Khushraj wrote:
> Thanks! I did look at this presentation too, wasn't sure which one was more fresh.
>
> Does the flow in slide 13 override the one from the spec in github?
>
>
> On Dec 4, 2012, at 1:31 PM, Bruno Oliveira <bruno at abstractj.org (mailto:bruno at abstractj.org)> wrote:
> > Hi Deepali, take a look at this presentation, might help. That pic on staging wasn't updated at the aerogear.org (http://aerogear.org) site.
> >
> > http://quantum.abstractj.org/talks/2012/aerogear/otp/index.html#/
> >
> > --
> > "The measure of a man is what he does with power" - Plato
> > -
> > @abstractj
> > -
> > Volenti Nihil Difficile
> >
> >
> >
> > On Tuesday, December 4, 2012 at 4:16 PM, Deepali Khushraj wrote:
> >
> > > Hello,
> > >
> > > Some questions on the aerogear OTP flows:
> > >
> > > * In scenario 1, during registration, the server generates the secret and does OTP validation. I was wondering what data is being sent to server? Asking since, I didn't see "Generate OTP" on client-side in the picture
> > No data is sent to the server
> > >
> > >
> > > * Are we recommending developers to use TOTP or HOTP or both?
> > >
> > > * How does this approach compare to Google's application-specific passwords, where OTP generation takes place outside the app?
> > >
> > > This looks like great stuff!
> > >
> > > Thanks!
> > > Deepali.
> > >
> > >
> > > On Nov 29, 2012, at 11:22 AM, Bruno Oliveira <bruno at abstractj.org (mailto:bruno at abstractj.org)> wrote:
> > >
> > > > Morning everyone, just to let you guys know that the security roadmap was finally updated. Feel free to add comments/suggestions on github.
> > > >
> > > > https://github.com/aerogear/aerogear.org/pull/15
> > > >
> > > >
> > > > --
> > > > "The measure of a man is what he does with power" - Plato
> > > > -
> > > > @abstractj
> > > > -
> > > > Volenti Nihil Difficile
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > aerogear-dev mailing list
> > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> >
> >
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
More information about the aerogear-dev
mailing list