https://bugzilla.mindrot.org/show_bug.cgi?id=2319
Simon Josefsson <si...@josefsson.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |si...@josefsson.org
--- Comment #7 from Simon Josefsson <si...@josefsson.org> ---
Hi everyone.
I agree that it would be nice to write up the protocol spec in IETF
form -- talking to Michael, he would be positive to this so I started
that effort. See:
https://gitorious.org/ietf-simon/u2f-secsh/source/
In particular:
https://gitorious.org/ietf-simon/u2f-secsh/raw/draft-josefsson-secsh-u2f.txt
As of writing, this is just cut'n'paste from Michael's description, but
the intention is to expand on it. If anyone wants commit rights, just
drop me an email.
FWIW, my background is that I'm working at Yubico and have been
involved in the U2F protocol and its standardization.
I'm not sure if this bug report is the best place for design
discussions, but I believe one aspect of Michael's protocol should be
discussed further. Maybe this protocol shouldn't do U2F registration.
The U2F Registration can happen out-of-band using some command line
tools (see our u2f-host and u2f-server projects). Then you could use
U2F as a single-factor protocol too. I find that the server admin part
of handling registration is a bit strange. It may be that I'm not just
getting what is achieved here.
Cheers,
Simon
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
