[Users] Zeta Alliance 2019 crowdfunding ideas

Victor d'Agostino d.agostino.victor at gmail.com
Tue Jan 15 09:39:53 CET 2019

Hi guys

Otp is not mandatory on a smartphone. The pin code is the 2FA and there is
a local cache so no security.

2FA is only useful for webmail access.

Imap clients make local cache so 2FA is useless too.

In my company for Internet access we use LinOTP in front of the Zimbra
webmail and it was very well welcomed by executives.


Le mar. 15 janv. 2019 à 15:32, Info Zeta Alliance <info at zetalliance.org> a
écrit :

> Well, one needs to start somewhere... and there can be multiple
> ways to authenticate.
> So the web-interface could be 2FA using an OTP code, and
> Z-push could use something else.
> I never had much luck with Z-push and account shares, and also
> it ate a lot of resources when deployed to any server with >100
> users.
> ----- Original Message -----
> From: "Ludo Gorzeman" <ludo at nomennesc.io>
> To: "users" <users at lists.zetalliance.org>
> Sent: Tuesday, 15 January, 2019 09:25:13
> Subject: Re: [Users] Zeta Alliance 2019 crowdfunding ideas
> On Tue, Jan 15, 2019 at 09:00:08AM +0100, Barry de Graaff wrote:
> > If Active Sync has OTP capability (I doubt it)
> No, it doesn't, but AS does support client certificates, which would be
> a cool workaround for not being able to use password/otp-based auth.
> > that would need to be implemented in Z-push.
> Afaik client certs are unsupported in z-push (and zextras, for that
> matter), so indeed that would need to be implemented.
> > Anyone still using Z-push? Why?
> Yes, because freedom ;-) and being a cheapskate, providing free e-mail
> on a community server is not a "business model" that easily affords
> license subscriptions.
> Cheers,
> Ludo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20190115/406a0dde/attachment.html>

More information about the Users mailing list