On Tuesday, 28 February 2017 00:28:21 CET NIIBE Yutaka wrote: > Anyhow, it would be possible for Gnuk to add U2F support (somehow > limited, because of available resource on board).
regarding limited resources, the Yubikey people did a fine trick: There is no per-website data stored on the Yubikey. So the amount of websites you can use a single FIDO U2F key for is unlimited. See "Limited storage on device" for details: https://developers.yubico.com/U2F/Protocol_details/Key_generation.html Also I think the attestation key is not enforced by websites, so gnuk could just send a bogus / user configurable cert. Cheers, Thomas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
