Dan Griffin's Blog

Comments on security, PKI, smart cards, cryptography, and entrepreneurship.

I’ve been notified about two new and/or improved resources for aspiring Vista credential provider authors.

1.  The RTM version of Microsoft’s five sample credprovs is available here, as of 12/26/06 - http://www.microsoft.com/downloads/details.aspx?FamilyID=b1b3cbd1-2d3a-4fac-982f-289f4f4b9300&DisplayLang=en.  Changes from the RC1 version include "minor bug fixes and additional guidance".  If you are tasked with writing a credprov, you should start by modifying one of these.  I promise your life will be enhanced by it.

2.  A new "Technical Reference" document - http://shellrevealed.com/files/folders/code_samples/entry1019.aspx.  (Side note - seems you have to actually click on their link with the mouse; the download control won’t activate from the keyboard, which all true developers know to be the proper tool for HCI.  Unusually poor usability testing on Microsoft’s part …)

Anyway, the document itself provides a lot of details about the credprov interface.  Noteably, it includes a section at the end about "Pre-Logon Access Providers," or PLAPs, which is the Vista mechanism for exposing 3rd party, custom network-level authentication prior to (or combined with) the interactive user authentication.  This is the first external documentation I’ve seen about PLAPs.  For example, ever wondered how to implement multi-factor authentication at the network level, while disabling cached credentials?  This is it.

Permalink |

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment