Hi, Channel ID binding is a protection against MITM attacks. It is just used during an ongoing request, to verify that the server challenge is signed by the U2F device and returned using the same shared TLS session.
To this day,
- on the client side, it is compatible with chrome/chromium only
I do like this feature and I am trying to promote it everywhere but it seems rather hard to find a server side implementation, available on the shelf, to use it on your own server/services.
Gluu main developer recently had it on its roadmap (for a future release)
--
Fred