Skip to main content

The WiKID Blog

Viewing posts tagged Open Source

securing-webdav-with-ssl-and-two-factor

One reason for the lack of posts recently has been that I have written a how-to on securing WebDAV with SSL and two-factor authentication. Dealing with WebDAV was more of a pain than I anticipated. First, there seems to be a bug in recent versions of apache that breaks mod_auth_radius and mod_auth_xradis. Second, I spent a lot of time figuring out the ways that WebDAV does not work on Windows ;).

myopenid-security-fix

Josh Hoyt has a preliminary notice about a security fix for MyOpenID. It's limited (at least on MyOpenID) to Safari users, so it's not a big deal. Josh considers it a flaw in the way Safari handles javascript security. But it is clear that OpenID is going through some growing pains as a protocol, which is natural and healthy. I'm impressed with the way the community is handling this vulnerability.

summary-of-identity-landscape

I really need to spend more time thinking about identity and focusing on what WiKID needs to do in the identity space. You'll have an identity no matter how you authenticate, but the more you rely on your identity the more important it becomes and the more secure it should be. But I think most of the identity players are focused on making identity easier - i.e. fewer logins.

tacacs-the-good-and-the-bad

The good news is that the 3.0.1 release of the WiKID Strong Authentication server has improved support for TACACS+. You can now create a file in /opt/WiKID/private called tacacs.local and it's contents will appear in the tacacs.conf file, allowing finer grain control of permissions, etc.

the-10-000-download-mark

Sometime while I was away on vacation we crossed the 10,000 download mark on our Sourceforge site. Thanks to everyone!

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom