|Very basic and possibly dumb question from a newbie.
|Page 1 of 1|
|Author:||davidm [ Fri Apr 09, 2010 4:33 pm ]|
|Post subject:||Very basic and possibly dumb question from a newbie.|
Okay, I understand that I can use your API to verify that an OTP is valid. But doesn't that just prove that the user has a valid Yubikey? How do I verify that they have a Yubikey that I supplied to them and not just one they purchased? After I get a Status=OK response from you, how do I validate that it really is one of my Yubikeys?
|Author:||Bryan53 [ Fri Apr 09, 2010 5:38 pm ]|
|Post subject:||Re: Very basic and possibly dumb question from a newbie.|
See sections 2.1, 2.1.1 & 2.1.2 here: http://yubico.com/files/YubiKey_manual-2.0.pdf
|Page 1 of 1||All times are UTC + 1 hour|
|Powered by phpBB® Forum Software © phpBB Group