[CALUG] seeking RSA advice -- RSA "SecurID" perhaps?

Bryan J Smith b.j.smith at ieee.org
Wed Jul 1 00:10:45 EDT 2009


On Wed, 2009-07-01 at 00:01 -0400, Bryan J Smith wrote:
> RSA is often liked because you just add the 6 digit token to the end of
> your password, and that's something that can be parsed out in a stream.
> There are positives and negatives to doing it.  Most of the time, RSA
> gets the nod out of "familiarity."
> But it's a single vendor lock-in detail.

I don't want to sound anti-RSA.  RSA SecurID is the "right fit" for many
organizations.  The appliance/key combination with a fixed number of
hours of consulting is how it's typically sold, and people like it.

It is especially sold to those that have no idea how to leverage the
native certificate services (CS) in their directory server (MS AD, RH
DS, etc.), but either understand or have someone else set up the RADIUS
and other services.

The crypto involved with CS can seem "voodoo" to some, even with
SmartCards.  With RSA SecurID, you have a number that rotates every
minute, it's there, that's good enough, SmartCards seem like overkill.



-- 
Bryan J  Smith     Professional, Technical Annoyance 
Linked Profile:   http://www.linkedin.com/in/bjsmith 
---------------------------------------------------- 
      Fission Power:  An Inconvenient Solution       
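
The single password-plus-token field described in the quoted text, as an added example that is not part of the original post and is not RSA's code. SecurID's algorithm is not given in the post, so RFC 4226/6238 HMAC-based codes stand in for it; the seed, salt, password and all names here are constructed for illustration.

```python
import hashlib, hmac, struct

STEP = 60    # seconds per code; the post says the number rotates every minute
DIGITS = 6   # the post's 6-digit token

def tokencode(seed: bytes, counter: int) -> str:
    """RFC 4226 HOTP value for one time step (stand-in, not RSA's algorithm)."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** DIGITS).zfill(DIGITS)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Verifier:
    """Hypothetical server-side check for one user's combined passcode."""
    def __init__(self, seed, salt, pw_hash, drift=1):
        self.seed, self.salt, self.pw_hash, self.drift = seed, salt, pw_hash, drift
        self.last_counter = -1   # highest time step already accepted

    def check(self, passcode: str, now: float) -> bool:
        # One field on the wire: the last 6 characters are the token,
        # everything before them is the password.
        password, code = passcode[:-DIGITS], passcode[-DIGITS:]
        if not password or not (code.isascii() and code.isdigit()):
            return False
        pw_ok = hmac.compare_digest(hash_password(password, self.salt), self.pw_hash)
        current = int(now) // STEP
        matched = None
        # Allow +/- drift steps for clock skew, but never a step already used.
        for c in range(max(0, current - self.drift), current + self.drift + 1):
            if c > self.last_counter and hmac.compare_digest(tokencode(self.seed, c), code):
                matched = c
        if pw_ok and matched is not None:
            self.last_counter = matched   # each code is good once; replays fail
            return True
        return False

def demo():
    seed, salt = b"12345678901234567890", b"constructed-salt"  # constructed values
    v = Verifier(seed, salt, hash_password("hunter2", salt))
    first = v.check("hunter2" + tokencode(seed, 0), now=59)
    replay = v.check("hunter2" + tokencode(seed, 0), now=59)
    return first, replay

if __name__ == "__main__":
    print(demo())
```

Both factors are checked before any state changes, so a wrong password does not burn a valid code, and a captured passcode cannot be replayed inside the same minute.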




