Re: Universal 2nd Factor (U2F) Authentication for Secure Shell?
Mouse <mouse@Rodents-Montreal.ORG> Fri, 06 January 2017 08:22 UTC
Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72242129C59 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Fri, 6 Jan 2017 00:22:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.3
X-Spam-Level:
X-Spam-Status: No, score=-7.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Y32AjVhIElC for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Fri, 6 Jan 2017 00:22:02 -0800 (PST)
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33A0B129C58 for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Fri, 6 Jan 2017 00:22:02 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id 9D45185606; Fri, 6 Jan 2017 08:22:01 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: by mail.netbsd.org (Postfix, from userid 1347) id 5BCDC85604; Fri, 6 Jan 2017 08:22:01 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id A98B285713 for <ietf-ssh@NetBSD.org>; Thu, 5 Jan 2017 13:52:42 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id lGMyGt673Kt4 for <ietf-ssh@netbsd.org>; Thu, 5 Jan 2017 13:52:42 +0000 (UTC)
Received: from Stone.Rodents-Montreal.ORG (Stone.Rodents-Montreal.ORG [98.124.61.89]) by mail.netbsd.org (Postfix) with ESMTP id BE53C855B3 for <ietf-ssh@NetBSD.org>; Thu, 5 Jan 2017 13:52:41 +0000 (UTC)
Received: (from mouse@localhost) by Stone.Rodents-Montreal.ORG (8.8.8/8.8.8) id IAA09319; Thu, 5 Jan 2017 08:52:41 -0500 (EST)
Date: Thu, 05 Jan 2017 08:52:41 -0500
From: Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <201701051352.IAA09319@Stone.Rodents-Montreal.ORG>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway.
X-Message-Flag: Microsoft: the company who gave us the botnet zombies.
X-Composition-Start-Date: Thu, 5 Jan 2017 08:34:06 -0500 (EST)
To: ietf-ssh@NetBSD.org
Subject: Re: Universal 2nd Factor (U2F) Authentication for Secure Shell?
In-Reply-To: <F24913CC-2385-45D6-85C3-B390673190DF@timeheart.net>
References: <20170103121647.GF4689@serpens.de> <F24913CC-2385-45D6-85C3-B390673190DF@timeheart.net>
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list
>> https://www.ietf.org/archive/id/draft-josefsson-secsh-u2f-00.txt Assuming this has the same content as http://www.ietf.org/archive/id/draft-josefsson-secsh-u2f-00.txt: It is misnamed. I see nothing "universal" about this. (Cf xkcd #927.) I agree that registration does not belong here, any more than editing authorized-keys or known-hosts records, or new key generation, belongs in the base protocol. The referenced fidoalliance document points to at least two references which are 404 (at least for me; given the content of the 404 page, this might be the usual nginx bogon, but the first document working suggests not). In any case, depending on external documents for implementability strikes me as a good way to not get implemented. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
- Universal 2nd Factor (U2F) Authentication for Sec… S.P.Zeidler
- Re: Universal 2nd Factor (U2F) Authentication for… Ron Frederick
- Re: Universal 2nd Factor (U2F) Authentication for… S.P.Zeidler
- Re: Universal 2nd Factor (U2F) Authentication for… Simon Josefsson
- Re: Universal 2nd Factor (U2F) Authentication for… Mouse