That sounds like the application param is still used as part of the process though? Would allowing the user to specify the application work in the Solokey case? What is stored in the private keyfile? The documentation says no private key is stored there. So is it just information used to reseed the public/private key? Thanks, Kevin ________________________________________ From: openssh-unix-dev <openssh-unix-dev-bounces+kevin.fox=pnnl.gov@xxxxxxxxxxx> on behalf of Christian Weisgerber <naddy@xxxxxxxxxxxx> Sent: Thursday, January 2, 2020 3:42 PM To: openssh-unix-dev@xxxxxxxxxxx Subject: Re: u2f seed On 2020-01-02, "Fox, Kevin M" <Kevin.Fox@xxxxxxxx> wrote: > In the u2f protocol, my understanding is in the normal case, the web browser seeds the keypair process with the hostname of the remote server. In the case of ssh, the hostname is probably not what I would want to do. But the u2f protocol seems to have a way to handle this. There is no guarantee that the U2F token derives the key pair in a deterministic fashion from the challenge/application parameters passed during registration. For instance, if I read the firmware code correctly, the Solokey creates the key material using its built-in random number generator and only uses its master secret and the application parameter to wrap the key for the key handle. -- Christian "naddy" Weisgerber naddy@xxxxxxxxxxxx _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://protect2.fireeye.com/v1/url?k=c4371812-988227ab-c4373207-0cc47adc5fce-56c2948a65834232&q=1&e=0f45e6c0-4544-44ae-af8d-3d64af881ea7&u=https%3A%2F%2Flists.mindrot.org%2Fmailman%2Flistinfo%2Fopenssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
