Project

General

Profile

Actions

Feature #68

open

Add optional support for signing authentication replies

Added by The 2nd almost 9 years ago. Updated over 6 years ago.

Status:
In Bearbeitung
Priority:
Normal
Assignee:
Target version:
Start date:
24 December 2015
Due date:
% Done:

50%

Estimated time:

Description

  • The client should send a challenge to the OTPme server that will be signed with its public key
    • This reduces the code where authentication related bugs may lead to false positives
  • Using JWT for this feature will allow us to re-use it for web authentication in later versions (https://en.wikipedia.org/wiki/JSON_Web_Token)
Actions

Also available in: Atom PDF