Dr. Hax on Nostr: I think it is a mistake to upload your private keys to other people (e.g. Google, ...
I think it is a mistake to upload your private keys to other people (e.g. Google, Apple) in the way passkeys do.
I understand the convience factors, and the concern about backups, and I stand by my statement
FIDO2 got that right. Passkeys got that wrong.
#ZeroTrust #hardware #security #cryptography #infosec #cybersecurity
Published at
2024-10-30 18:12:44Event JSON
{
"id": "06e521180bbf7384cd09f3c88a2eac5b1b506b65f35645d53fefc3ec9068bae2",
"pubkey": "d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511",
"created_at": 1730311964,
"kind": 1,
"tags": [
[
"t",
"ZeroTrust"
],
[
"t",
"zerotrust"
],
[
"t",
"hardware"
],
[
"t",
"security"
],
[
"t",
"cryptography"
],
[
"t",
"infosec"
],
[
"t",
"cybersecurity"
]
],
"content": "I think it is a mistake to upload your private keys to other people (e.g. Google, Apple) in the way passkeys do.\n\nI understand the convience factors, and the concern about backups, and I stand by my statement\n\nFIDO2 got that right. Passkeys got that wrong.\n\n#ZeroTrust #hardware #security #cryptography #infosec #cybersecurity",
"sig": "cbe9f82504a04584c533fba45be312530e9303dcd913e2b35cc2f660b04ffa5c6b190ba0a808ff873cbb1a469266acdd54df6828a39ecbb7da4d8435c5eecc41"
}
