-
Yubico has proposed an extension which will probably solve that problem but it requires work on the server side: https://www.yubico.com/blog/yubico-proposes-webauthn-protocol-extension-to-simplify-backup-security-keys/
-
This was started as a little discussion on ks and to be honest I would say this is a cool idea. I agree with Conor on the notion that someone has to support it, but if I can have the output piped to me via the lib I use and then just validate or just do whatever is needed with it manually, that would be at least a way to get a sandbox working.
Because I think the need of actually having your backup key around to register if sux, as just cementing it in somewhere is likely safer.
Also DiceKey, while cool, has the small issue that cloning FIDO keys isn't a great experience; for example, you immediately lose the access to resident keys, obviously a problem for sites that kinda depend on that (Microsoft). And then there's the annoying issue that cloned U2F sticks usually run Unix time as the counter, which may lead to the issue of the year 2038 problem of the integer overflow if the 32 bit counter is treated as a signed number (PHP for example would be a likely place, as it on Windows iirc doesn't support 64 bit numbers and doesn't support unsigned numbers in general).
Also thinking even longer, about 68 years after that (yes, that's a LOOONG time, but not thinking about the long future has caused fun already in the past), even an unsigned 32 bit counter would be saturated as well.
(Honestly, why not divide the Unix time by a number before making it the counter? Even dividing by 600 you would have to have over 144 auths per day or one every 10 minutes to make a clone result in a lower counter, and unless someone is blowing up rks or similar that won't happen too often.)
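The counter concern raised in the comment above, as an added example that is not part of the original discussion or of any project mentioned in it: a relying-party style check of the 32-bit signature counter, parsed once as unsigned and once as signed, plus the divided Unix-time counter. The function names, the constructed authenticator data (rpIdHash, flags, then a 4-byte big-endian counter) and the strictly-greater acceptance rule are assumptions of this sketch.

```python
import struct

def auth_data(counter: int) -> bytes:
    """Constructed sample: rpIdHash (32 zero bytes) | flags (1) | signCount (4, big-endian)."""
    return bytes(32) + b"\x01" + struct.pack(">I", counter & 0xFFFFFFFF)

def sign_count(data: bytes, signed: bool = False) -> int:
    """Read signCount at offset 33; signed=True models a platform without unsigned 32-bit ints."""
    return struct.unpack(">i" if signed else ">I", data[33:37])[0]

def counter_ok(stored: int, received: int) -> bool:
    """Relying-party rule: accept only a counter strictly greater than the stored one."""
    return received > stored

def unix_counter(unix_seconds: int, divisor: int = 1) -> int:
    """Hypothetical clone counter: Unix time, optionally divided as the comment suggests."""
    return unix_seconds // divisor

def rollover_unix(divisor: int = 1, signed: bool = False) -> int:
    """First Unix second at which the counter no longer fits the 31- or 32-bit range."""
    return (2**31 if signed else 2**32) * divisor

if __name__ == "__main__":
    from datetime import datetime, timezone
    stored = unix_counter(2**31 - 1)        # last second before the signed limit
    data = auth_data(unix_counter(2**31))   # one second later
    print("unsigned parse accepted:", counter_ok(stored, sign_count(data)))
    print("signed parse accepted:  ", counter_ok(stored, sign_count(data, signed=True)))
    for signed in (True, False):
        when = datetime.fromtimestamp(rollover_unix(1, signed), tz=timezone.utc)
        print("signed" if signed else "unsigned", "rollover:", when.isoformat())
    # With divisor 600 the counter only ticks every 10 minutes, so a second
    # assertion inside the same window repeats the value and fails the strict check.
    t = 1_700_000_400  # constructed timestamp, an exact multiple of 600
    print("same window accepted:", counter_ok(unix_counter(t, 600), unix_counter(t + 300, 600)))
    print("next window accepted:", counter_ok(unix_counter(t, 600), unix_counter(t + 600, 600)))
```

A server that stores or compares the counter as a signed 32-bit value sees the first post-2038 assertion as a regression, which is why the counter column and comparison should be unsigned or 64-bit.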