*** nowen (~nowen@adsl-66-184-38.asm.bellsouth.net) has joined #wikid | 13:14 | |
manonst_ | nowen: you around? | 14:32 |
nowen | yes | 14:32 |
manonst_ | so v4 is going to support a new mechanism for domain codes, in addition to that | 14:33 |
manonst_ | i was wondering if the domain it registers to could download a logo - across the board for all clients | 14:33 |
nowen | hmm | 14:33 |
manonst_ | then when the user sees a list of all of the tokens they have registered, perhaps a logo is next to it | 14:33 |
nowen | you mean like a favicon? | 14:34 |
manonst_ | i was hoping for larger than that | 14:34 |
manonst_ | but you want to target hosting environments and such | 14:34 |
manonst_ | branding is important | 14:34 |
manonst_ | let me get you an example | 14:35 |
nowen | ok | 14:35 |
manonst_ | do you have itunes? | 14:35 |
manonst_ | http://itunes.apple.com/us/app/entrust-identityguard-mobile/id384717687?mt=8 | 14:35 |
nowen | not on this machine | 14:35 |
manonst_ | actually you can see via the web interface | 14:35 |
nowen | yes | 14:35 |
manonst_ | that pitches wikid as the platform, but the provider as the service | 14:36 |
nowen | yes | 14:36 |
nowen | looks nice | 14:36 |
manonst_ | as long as the logo is the right size | 14:36 |
manonst_ | it's quite a bit of work to do for all clients, but it really gives it a polished branded feel | 14:37 |
manonst_ | and allows it to work server side automatically when you add the domain code | 14:37 |
nowen | yes | 14:37 |
nowen | looks doable. I'm adding to the 4.x list | 14:40 |
manonst_ | cool | 14:45 |
manonst_ | i'm not sure we want to do this, but it might even be cool to offer logos on a per domain level | 14:45 |
manonst_ | to allow individual clients to use their own logos | 14:46 |
nowen | yeah, we will do it on a per-domain level | 14:46 |
nowen | what you do would then be up to you | 14:46 |
*** manonst_ is now known as manonst | 14:46 | |
*** bigbash (~bigbash@pdpc/supporter/student/bigbash) has joined #wikid | 14:51 | |
nowen | hi bigbash | 14:52 |
bigbash | Hi nowen | 14:52 |
bigbash | Oh found what I was looking for :) | 14:53 |
nowen | hehe, what was that? | 14:54 |
bigbash | I wanted to make a nixie clock with a button feature that display/generate a token I was just looking for some C++ info | 14:54 |
nowen | not sure I follow. | 14:55 |
nowen | is the nixie clock to be an OTP generator? | 14:55 |
bigbash | yes | 14:56 |
nowen | huh | 14:56 |
bigbash | just thought it'd be a fun idea | 14:56 |
nowen | does the nixie clock have internet? | 14:56 |
bigbash | A friend and I are challenging each other to design something with nixie tubes | 14:56 |
bigbash | it will | 14:56 |
nowen | ok | 14:56 |
nowen | we don't have a C++ client. java here, there is a python client | 14:57 |
bigbash | hmm I think it was just the dll that I found | 14:57 |
nowen | don't confuse network clients with token clients - the former is if you want to login to your clock, the latter for OTPs | 14:58 |
bigbash | Says dll for the 3.0 WiKID Strong Authentication Server for ASP, VB, .net, C# and C++ | 14:58 |
nowen | that's the network client | 14:58 |
bigbash | ah | 14:59 |
nowen | so, can you use java or python? | 15:01 |
nowen | or we can guide you in creating a C++ client, perhaps | 15:01 |
bigbash | Java might work | 15:02 |
nowen | what hardware are you using? is there a specs page? | 15:02 |
bigbash | I'm going to use an arduino to control everything | 15:02 |
bigbash | most likely the arduino uno | 15:03 |
nowen | ok | 15:03 |
bigbash | so if i did decide to write it from scratch where were you going to guide me to? | 15:07 |
nowen | well, I can send you the doc describing the token api | 15:08 |
bigbash | that would be awesome, i was trying to find it on the site | 15:08 |
nowen | and if you read python: http://code.google.com/p/pywikid/ | 15:08 |
nowen | yeah, we don't get a lot of people wanting to write tokens, but maybe that will change | 15:09 |
bigbash | Couldn't hurt to have plenty of options | 15:09 |
nowen | true, true! | 15:10 |
bigbash | I'm going to idle here for a few, I have to run out and do something quick | 15:10 |
nowen | k | 15:10 |
bigbash | nowen, do you want me to pm you my email? | 15:54 |
nowen | sure, I'll put it up on the web somewhere soon, but that would be quickest | 15:54 |
bigbash | ok | 15:55 |
nowen | ahh ;) | 15:55 |
bigbash | same from twitter :) | 15:56 |
bigbash | got it | 15:57 |
nowen | k | 15:57 |
bigbash | nowen, the pdf seems to not have anything, I get an error on both linux and windows | 16:05 |
nowen | resending | 16:06 |
*** makobug (~csec14_2@newproxy.umiacs.umd.edu) has joined #wikid | 16:26 | |
nowen | bigbash: it would help if I hit the send button | 16:36 |
bigbash | hehe | 16:36 |
bigbash | ok it works | 16:37 |
bigbash | thank you | 16:37 |
bigbash | nowen, so is the UTF reg value the save as the deviceID? | 16:49 |
bigbash | *same | 16:49 |
nowen | no, they are not | 17:01 |
bigbash | ok, I'm just going through what's getting passed back and forth, I'm going to setup a test vm and just mess with stuff :) | 17:02 |
bigbash | thanks again for the help and the doc | 17:02 |
nowen | ok | 17:05 |
makobug | Quick question about WiKID's password reset mechanism. The website mentions that the WiKID server sends an OTP to the Domain Controller as the user's new password. So am I correct in assuming that the OTP [encrypted with the client's-pubkey] is sent to the client as well? Then when the client goes to log into the Domain Controller, said client is authenticated with this OTP ? | 17:36 |
nowen | makobug: that code has been deprecated, but that is correct | 17:37 |
nowen | the account is (was) flagged to require a password reset | 17:38 |
*** Makobit (~AndChat@129-2-142-19.wireless.umd.edu) has joined #wikid | 17:38 | |
nowen | it shouldn't be hard to add something similar back into the server | 17:38 |
*** Makobit is now known as Guest30569 | 17:39 | |
nowen | though we might do it differently | 17:39 |
*** Guest30569 has quit (Client Quit) | 17:39 | |
makobug | hmm, mmkay | 17:47 |
nowen | what's your use case? | 17:47 |
makobug | I'm not entirely sure yet. I'm participating in a competition involving hardening systems. We are introduced to a pre-existing network that will have a WiKID server in use so I wanted to make sure I understand the authentication scheme | 17:48 |
nowen | hmm, interesting. is it some hacking comp? | 17:49 |
makobug | It's the Collegiate Cyber Defense Competition: http://www.midatlanticccdc.org/CCDC/ | 17:49 |
makobug | we're on the defending side :) | 17:49 |
nowen | awesome | 17:50 |
nowen | but then you have a short time frame? | 17:50 |
makobug | yes indeed | 17:50 |
nowen | what is the server configured to do? | 17:52 |
makobug | We're not entirely sure. We've been given pretty limited information: https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0B4IJmcpK0sWiZjFiNjAxMjItNWEyOC00Y2MwLTk2ZmUtNTQyZjQ1YzE0N2Nm&hl=en&authkey=CIjlpaoF | 17:54 |
makobug | page 11 has the network map, page 13 has general information and page 15 has the services we have to provide | 17:54 |
makobug | my guess currently is that it will be used to authenticate intranet users trying to access the OpenPDC web portal | 17:55 |
makobug | as well as potentially using it to authenticate domain users for just about anything. It's my understanding that as long as we provide the necessary services, we can do just about anything with it. So using it as the big authentication mechanism for all of the machines on that intranet/the firewall would be awesome | 17:56 |
makobug | it is also my impression that the intranet may not even be functioning correctly from the start. the WiKID server might not even be configured to authenticate anyone for anything :p | 17:56 |
makobug | Thanks for the help btw. I think my verbosity filter is off today :p | 17:59 |
makobug | Drop me a line if you have any tips/time/thoughts you're willing to share :) thanks again (mako@umdcsec.org) | 18:07 |
*** makobug has parted #wikid (None) | 18:07 | |
*** makobug (~csec14_2@128.8.135.198) has joined #wikid | 23:06 | |
*** nowen has quit (Quit: Leaving.) | 23:18 | |
*** makobug has quit (Quit: Leaving.) | 23:45 |