- Question on platform lock-in - 1 Update
- TPM attestation Signature Encoding Error - 1 Update
- When Both platform and roaming authenticator registered in android - 1 Update
Tim Cappalli <Tim.Ca...@microsoft.com>: Nov 27 04:50PM
There is active work to develop a protocol to securely migrate credentials across providers. I can't say whether all providers will implement it, but there are quite a few players, large and small, that are engaged in the work.
tim
From: fido...@fidoalliance.org <fido...@fidoalliance.org> on behalf of Franz Winter <xfw...@gmail.com>
Date: Thursday, November 23, 2023 at 06:23
To: FIDO Dev (fido-dev) <fido...@fidoalliance.org>
Subject: [FIDO-DEV] Question on platform lock-in
If I go full passkeys on my Apple devices using Apple's Keychain: Would I be able to comfortably do a platform switch to Android in the future?
I understand that I would be able to transfer every single passkey for a specific service, but would I be able to transfer all of them together?
Thank you!
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org<mailto:fido-dev+u...@fidoalliance.org>.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bd8b83e6-55c0-4a09-8f54-2854ccf661den%40fidoalliance.org<https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bd8b83e6-55c0-4a09-8f54-2854ccf661den%40fidoalliance.org?utm_medium=email&utm_source=footer>.
Emil Lundberg <em...@yubico.com>: Nov 27 10:37AM +0100
It could be that the *credential public key* uses RSA with SHA256, but
the *attestation
key* uses RSA with SHA1. This would mean that you would need to use SHA1 to
verify the *attestation signature*, but any subsequent *assertion
signatures* must be verified with SHA256.
Would you mind sharing an attestation object that exhibits the issue?
Emil Lundberg
Senior Software Engineer | Yubico <http://www.yubico.com/>
On Fri, Nov 24, 2023 at 11:08 PM Arshad Noor <arsha...@strongkey.com>
wrote:
hetin k <het...@gmail.com>: Nov 26 11:52PM -0800
When Both platform and roaming authenticator registered in android, android
only allow platform authenticator to authenticate and no fallback for
roaming authenticator when both platform and roaming authenticator
available. IOS allow user to choose in this case.
@AGL, Can you provide any idea on this?
You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page.
To unsubscribe from this group and stop receiving emails from it send an email to fido-dev+u...@fidoalliance.org.