https://www.yubico.com/blog/yubico-proposes-webauthn-protoco... Is basically that, but with infinite tickets :)
Here's how YubiCo proposes to address this: https://www.yubico.com/blog/yubico-proposes-webauthn-protoco... Revocation is done RP side, but it essentially allows a primary authenticator to register itself and the…
Agreed, and that's why I say in my original comment that I don't see it happening in the short term. If we had something that worked now or maybe tomorrow and was acceptable, it would simply be virtual authenticators;…
Yes but what the OP is saying is that the TPM does not store the encrypted passkey, rather, the passkey is wrapped with this TPM's public key by another TPM that already trusts this TPM, so this TPM can import a passkey…
receiving synced key material in RAM significantly alters the threat model. Apple's current passkey implementation does not, at any point, handle unwrapped key material in the operating system. I expect all other…
It won't, at least not in the short term. For that to happen trusted platform modules would need an api to export a private key wrapped with a certificate signed by (none/one/all/a quorum) of members in the circle of…
For security keys implementing FIDO (which sometimes you can see referred to as WebAuthn, although that is partially inaccurate), there is currently no good way of backing up the key. If you lose it, then you'll need to…
pron talks about this on https://cr.openjdk.java.net/~rpressler/loom/loom/sol1_part2....
In a library. Loom is more about adapting the JVM itself for continuations and virtual threads than adding to userspace.
FoundationDB is operationally very complex; there's a multitude of processes, no reference architectures of at-scale deployments (althought those do exist; at least at Snowflake and Apple), no docker images with helm…
I am very confused by Table I, claiming Redis and HStore have a multi-key consistency of "Serializable". What meaning is it trying to convey? Serializable is a level of isolation, not of consistency, so how are they on…
I agree with this overall. It seems that C is a language/compiler/toolchain combo that lets you shoot yourself in the foot, but gives you enough access to stuff to be maximially performant in a random (i.e. not…
https://www.yubico.com/blog/yubico-proposes-webauthn-protoco... Is basically that, but with infinite tickets :)
Here's how YubiCo proposes to address this: https://www.yubico.com/blog/yubico-proposes-webauthn-protoco... Revocation is done RP side, but it essentially allows a primary authenticator to register itself and the…
Agreed, and that's why I say in my original comment that I don't see it happening in the short term. If we had something that worked now or maybe tomorrow and was acceptable, it would simply be virtual authenticators;…
Yes but what the OP is saying is that the TPM does not store the encrypted passkey, rather, the passkey is wrapped with this TPM's public key by another TPM that already trusts this TPM, so this TPM can import a passkey…
receiving synced key material in RAM significantly alters the threat model. Apple's current passkey implementation does not, at any point, handle unwrapped key material in the operating system. I expect all other…
It won't, at least not in the short term. For that to happen trusted platform modules would need an api to export a private key wrapped with a certificate signed by (none/one/all/a quorum) of members in the circle of…
For security keys implementing FIDO (which sometimes you can see referred to as WebAuthn, although that is partially inaccurate), there is currently no good way of backing up the key. If you lose it, then you'll need to…
pron talks about this on https://cr.openjdk.java.net/~rpressler/loom/loom/sol1_part2....
In a library. Loom is more about adapting the JVM itself for continuations and virtual threads than adding to userspace.
FoundationDB is operationally very complex; there's a multitude of processes, no reference architectures of at-scale deployments (althought those do exist; at least at Snowflake and Apple), no docker images with helm…
I am very confused by Table I, claiming Redis and HStore have a multi-key consistency of "Serializable". What meaning is it trying to convey? Serializable is a level of isolation, not of consistency, so how are they on…
I agree with this overall. It seems that C is a language/compiler/toolchain combo that lets you shoot yourself in the foot, but gives you enough access to stuff to be maximially performant in a random (i.e. not…