@bascule @SwiftOnSecurity @FIDOAlliance Or use smart-cards as enterprises & govt/defense have done for ~15 years before FIDO existed?
@SwiftOnSecurity it's called SQRL and it's terrible, or you could push a button on a hardware token @FIDOAlliance UAF style
-
-
-
@randomoracle@SwiftOnSecurity@FIDOAlliance so you like PKCS#11 or what? It's fucking terrible -
@randomoracle@SwiftOnSecurity@FIDOAlliance fans of PKCS#11 are intentionally or unintentionally anti-privacy -
@bascule@SwiftOnSecurity@FIDOAlliance As are people trying to reinvent homebrew crypto-hardware standards under cute dog name -
@randomoracle have you looked at how U2F key wrapping actually works? It's pretty awesome -
@bascule I'm aware that people not familiar with crypto-hardware are easily impressed by the goat-rodeo that is U2F -
@randomoracle any specific technical complaints? Ad hominems kinda bore me
End of conversation
New conversation -
-
-
.
@SwiftOnSecurity QR codes are a non-solution: http://shouldiuseaqrcode.comThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
.
@SwiftOnSecurity modern smartphones could build in passwordless authentication mechanisms tied to TouchID or what have youThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.