On Sun, Sep 4, 2022 at 5:30 PM Michael Catanzaro <mcatanzaro@xxxxxxxxx> wrote: > And anybody who isn't willing ..... ... or able (they are not free, and there may be other restrictions regarding crypto capable device export/import that can require a bit of hoop jumping due to sourcing site shrinkage, all of which does raise bars a bit higher) > ... to buy a security key wouldn't be able to contribute to Fedora > at all. True, and we (as a community) need to understand and support all that wish to contribute, even if they do not have those means. But it is also true that the intent with passkey includes being able to use your (sufficiently modern) mobile device or computer as a source rather than just a physical key(*) (and while I have not tried it (so have no idea how complete/capable it is) I recall there is a golang implementation using your computers TPM2 chip that can be a fido2 authenticator "key" on Linux). While we clearly are not *there* yet, we are getting closer every year where almost everyone has a usable authenticator available to them nearly all the time (typically carried around in their back pocket, or with the user's face staring at the screen). (*) At the recent RSA conference I saw a live demo from a person with devices running iOS, Android, macOS and Windows (no Linux) which could transparently exchange credentials created via FIDO2/passkey technology (even the presenter was a bit surprised there was only a minor "demo effect" glitch since it was partially pre-GA code, but work it did). _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
