Re: U2F support in OpenSSH HEAD

I've had a patch on the bugzilla for a while related to U2F with
support for a few additional settings such as providing a path to a
specific key to use instead of the first one found and setting if user
presence is required when using the key. Is there any objection to
folding those parts in if appropriate?

Joseph, to offer comment on NIST P-256. There was originally quite a
limited subset of support in U2F, originally ES256 or RS256. There's
since been more added (Ed25519 appears to be one of them at a cursory
glance). If you take a look at param.h in the libfido2 repository
you'll see the list of supported algorithm constants (COSE_*). From
personal experience though I've had a few different brands of
pure-u2f-only tokens and never seen support for anything other than
P-256 in the wild. Yubico's U2F-only keys for example are currently
listed on their site as only having P-256 support. I imagine
multi-purpose keys might have more expansive support though. RS256
also appears to be marked as deprecated.

On Sat, Nov 2, 2019 at 7:54 PM Joseph S. Testa II
<jtesta@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On 11/1/19 4:36 AM, Damien Miller wrote:
> >  new key type "sk-ecdsa-sha2-nistp256@xxxxxxxxxxx"
>
> Was ECDSA with NIST P-256 strictly necessary, or would Ed25519 be
> possible as well?
>
>     Thanks,
>     - Joe
>
> --
> Joseph S. Testa II
> Founder & Principal Security Consultant
> Positron Security
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev