21 Feb
2010
21 Feb
'10
1:56 a.m.
IMO, OTP is inherently incompatible with replicas because a client can authenticate to each replica with what is intended to be a one time password. The only way to preclude this is, as was basically suggested, is to chain it to the master such that each password can only be used one time.
I have an "easy" fix in this direction; however, I stumbled into another issue: if slapo-chain(5) gets involved in an internal operation, it does not honor custom callbacks registered for the internal operation, and rather attempts to return the result to the caller. As a consequence, I need to address this issue first, before solving the original one.
p.