COmanage Users List

[Benn Oshrin <>]

On 9/9/16 7:49 AM, Gerben Venekamp wrote:
> > Not exactly in the way you're describing, though you could create an 
> > Identifier Assignment consisting of a long random collision number.
> Hmmm… what does long mean here? I would also prefer random characters 
> ([a-zA-Z0-9] with punctuations etc.) instead of a hash. The idea for 
> application specific passwords (ASP) is that they are randomly generated and 
> are not 32 characters long. I am also thinking on making the length of the 
> ASP configurable and having site admins decide on the length and the validity 
> period of the ASP. For example: short length, valid for a day and then the 
> user must authenticate and generate a new one. You want a longer lasting ASP, 
> generate one with more entropy.

I was just suggesting that identifier assignments

 https://spaces.internet2.edu/x/xIjYAQ

could be used to generate long strings of random numbers as an interim 
approach, more suitable for a proof of concept implementation.

The characteristics you describe are of course much more desirable, 
however it will take some development effort to get there.

Thanks,

-Benn-