Skip to content

Latest commit

 

History

History
36 lines (27 loc) · 1.26 KB

20220628-minutes.md

File metadata and controls

36 lines (27 loc) · 1.26 KB

Authentication Working Group Minutes

Tuesday, 2022/06/28

10:00 am ET

Attendees:

Terrell Russell, Alan King, Kory Draughn, Dave Fellinger, Martin Golasowski (IT4I), Mike Conway (NIEHS), Alexandros Kardaris (SURF), Stefan Wolfsheimer (SURF), Tony Edgin (CyVerse), Claudio Cacciari (SURF)

Minutes

SUMMARY:

DISCUSSION

  • Alan update
    • 4.3.0 has been released
    • KRB ported, but not shipped, could use the new flow if required
  • Stefan update
    • pam_interactive
      • now using PAM and then native with temporary password
      • avoids full PAM stack for each icommand (which is good)
      • working, much more readable
      • demo will work during the talk next week at UGM
    • Still had to update iinit to know/use pam_interactive
      • Stuck with this for now, will ship new logic in iinit in 4.3.1
  • Discussion
    • TTL? Less than 24h?
      • There is a deep assumption in the existing code limiting our ability to move to 'seconds' everywhere - the server was unhappy when the TTL was set 'too low' (the checks were 'out of order')
      • Temporary password vs. limited password
        • We're still not sure the difference/importance/reasoning
    • Other client libraries will need to learn about this new framework as well
  • Next Meeting
    • July 2022