Re: SecureID vs Certificates

[Darren Reed <darrenr () reed wattle id au>]

In some email I received from Tony Miedaner, sie wrote:
[Charset iso-8859-1 unsupported, filtering to ASCII...]
> Hi Folks,
>
> Kind of a high level questions on trade offs between SecureID or
> Certificates.  It would seem pretty obvious that SecureID is a better
> system BUT for many situations it would seem to me that certificates
> would be a reasonable form of two factor authentication.  Can anyone
> provide a good reason why not to use certificates over SecureID?

They're different technologies.

SecurID is a OTP (One Time Password) mechanism.

Digital certificates are about conveying a sense of identity.

In general, if you're doing authentication, you want the person who is
doing the process to prove they have something they have (i.e. the
private certificate/token) as well as something they know - a password
or PIN.

Just make sure you do full authentication of the digital certificates,
unlike what happens in your normal https transaction using SSL.

Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards