Cornelius Kölbel

We would have to add 1. The CA Certificate, that issued the worker certificate 2. the client certificate 3. the client key The change would occur here: https://github.com/privacyidea/privacyidea/blob/master/privacyidea/lib/caconnectors/msca.py#L125 The cerificates...

@melanger Thanks for the PR. Can you please give some input about your test setup? Windows 10 and which Browser...?

Yes, there is an online-service from haveIbeenpwned, that fetches part of the hashes of passwords. I think it would be great if we could combine both.

@plettich the mentioned lists have roughly 1G of data. We do not want to ship this. I am thinking about dropping this. But on the other hand there are several...

@Happy2C0de thank you for your request and your thoughts and detailed description. However, it is not really clear to us, what problem you actually want to solve? Could you maybe...

@Happy2C0de So you want the push message to contain the information, **where** the user is trying to authenticate? You can already do this with different policies for the push text....

> Thank you for the four steps. Now I understand your concern. However, I do not know, how much effort we will put into making this phishing proof - after...

# Assign one token to a group of machines In a first step we would need to be able to assign *one* token to a group of machines. What needs...

User groups and Token groups could be used generically. User groups e.g. could be used in policies or 4-eyes token. Token groups e.g. could also be used in policies? A...

This could be dependent on #680. We should first gather experience with #680 when v3.6 is productive. Then continue defining and working on how to use this for user groups...