[Twisted-Python] Re: +AFs-Twisted-Python+AF0- Re: +AFs-Twisted-commits+AF0- CVS: Twisted/twisted/python otp.py,NONE,1.1
Glyph Lefkowitz
glyph at twistedmatrix.com
Thu Sep 6 14:53:29 MDT 2001
On Thu, Sep 06, 2001 at 08:01:40PM +0200, Benjamin Bruheim wrote:
> > To continue the trend of beating on poor Benjamin here, a few comments about
> > twisted.python.otp... :-)
>
> Oh, I can take it. It kinda stores up my shares for _my_ nasty replies later on ;)
I'm looking forward to it... ;-)
> > It seems oddly placed in twisted.python, maybe twisted.protocols would be
> > better? I know it's not a wire protocol, but it is an RFC implementation.
> Well, it is selfcontained and is divided into two classes: one with service
> routines, and one which is a selfupdating password container. I can't say
> that I understand what these should do in protocols, since they have nothing
> in common with any of the other modules in protocols. It can also be used in
> a calculator as well, which is the most popular usage of OTP :)
Hmm. A calculator? I must admit I'm a little confused by that, but okay...
> Some other issues: SMTP seems to use SASL authentication and I could write
> some routines for OTP that can be used in SASL since it supports the OTP
> authentication scheme. And there's one big flaw in OTP as well: When the
> sequence has run out (default is 1000 password issued) the sequence has to be
> reset, this is not done automatically since this needs to be implemented in
> each protocol; or by an util which has to be run on the serverside on a
> secure connection.
This is the reason I felt it should be in protocols. It requires specific
support from various protocols, and it's not generally useful in (most?)
non-networked applications...
--
______ __ __ _____ _ _
| ____ | \_/ |_____] |_____|
|_____| |_____ | | | |
@ t w i s t e d m a t r i x . c o m
http://twistedmatrix.com/users/glyph
More information about the Twisted-Python
mailing list