webauthn

Mauricio Rodriguez mrodriguez at fletnet.com
Sat Mar 23 12:18:10 UTC 2019


My understanding is that 2-factor is one of the primary drivers for
webauthn.  I feel that hardware dongles are a thing of the past, with
software now being available that runs on your smartphone and serves the
same function.  Example: Google Authenticator.

______
Regards,
Mauricio Rodriguez
Founder / Owner
Fletnet Network Engineering (www.fletnet.com)
1951 NW 7th Ave #600, Miami, FL 33136

Mauricio.Rodriguez at fletnet.com
Office: +1-786-309-5493
Mobile: +1-305-978-6884

Schedule a Meeting with me
<http://scheduling.fletnet.com/mauricio_rodriguez>





On Fri, Mar 22, 2019 at 8:52 PM Michael Thomas <mike at mtcc.com> wrote:

> I know it's a little tangential, but it's a huge operational issue for
> network operations too. Have any NANOG folks been paying attention to
> webauthn? I didn't know about it until yesterday, though I wrote a proof of
> concept of something that looks a lot like webauthn in 2012. The thing that
> is kind of concerning to me is that there seems to be some amount of
> misconception (I hope!) that you need hardware or biometric or some
> non-password based authentication on the user device in the many write-ups
> I've been reading. I sure hope that misconception doesn't take hold because
> there is nothing wrong with *local* password based authentication to unlock
> your credentials. I fear that if the misconception takes hold, it will
> cause the entire effort to tank. The issue with passwords is transmitting
> them over the wire, first and foremost. Strong *local* passwords that
> unlock functionality are still perfectly fine for many, many applications,
> IMO.
>
> Which isn't to say that hardware/biometric is bad, it's just to say that
> they are separable problems with their own set of tradeoffs. NANOG folks
> sound like prime examples of who should be using 2 factor, etc. But we
> don't want to discourage, oh say, Epicurious from implementing webauthn to
> get to my super-secret recipe box because they don't think people will buy
> ID dongles.
>
> Mike
>
