Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

/chromium.org/d/msg/Blink-dev/SdceviqfKJo/zIMMWWoLBgAJ J.C. On Wed, May 22, 2019 at 7:05 AM sraman--- via dev-platform < dev-platform@lists.mozilla.org> wrote: > Hi all, > > Thank you for enabling U2F! But Duo Security's implementation of U2F is > dependent on the Trusted Facet fu

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

Hi all, Thank you for enabling U2F! But Duo Security's implementation of U2F is dependent on the Trusted Facet functionality, as we need to reliably enroll/authenticate a U2F credential across subdomains. Until the trusted facet functionality is implemented I don't believe we can

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

Thanks for being flexible here in the face of adversity, big fan of running trains even if it seems icky in the short term. On Wed, Mar 27, 2019 at 1:00 PM JC Jones wrote: > On Tuesday, March 26, 2019 at 12:50:21 PM UTC-7, Alex Gaynor wrote: > > Simply flipping the pref, and not including regist

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

On Tuesday, March 26, 2019 at 12:50:21 PM UTC-7, Alex Gaynor wrote: > Simply flipping the pref, and not including register support seems a bit > unfortunate, as it'll leave some websites in a works-sometimes state. While > some larger sites have UIs and help articles explaining that Firefox works >

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

github.com/fido-alliance/google-u2f-ref-code/blob/master/u2f-gae-demo/war/js/u2f-api.js On Fri, Mar 22, 2019 at 5:34 AM Philip Jägenstedt wrote: > Hi all, > > Some naive questions to understand what's happened here. > > Is > > https://fidoalliance.org/specs/fido-u2

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

want full security key support for Google > > > Accounts in Firefox in the near term, we need to graduate our FIDO U2F > > > API support from “experimental and behind a pref” > > > > I think it's problematic to describe something as "experimental" i

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

erm, we need to graduate our FIDO U2F > > API support from “experimental and behind a pref” > > I think it's problematic to describe something as "experimental" if > it's not on path to getting enabled. [...] > So I think it's especially important to m

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

Hi all, Some naive questions to understand what's happened here. Is https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#high-level-javascript-api the API that will be added to Firefox? Is https://cs.chromium.org/chromium/src/chrome/br

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

On Thu, Mar 14, 2019 at 8:12 PM J.C. Jones wrote: > It appears that if we want full security key support for Google > Accounts in Firefox in the near term, we need to graduate our FIDO U2F > API support from “experimental and behind a pref” I think it's problematic to describ

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

shipped and the lifecycle of these devices out in > the field. Without going into too many details, in order to not lock users > out of their devices, we cannot switch u2f register to webauthn create() > until there is sufficient churn in Android devices. You can expect webauthn > get() t

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

to not lock users out of their devices, we cannot switch u2f register to webauthn create() until there is sufficient churn in Android devices. You can expect webauthn get() to come much much sooner, as that is not impacted. Again, this is only happening because of how the code that adds

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

On Fri, Mar 15, 2019 at 10:35 AM devsnek wrote: > If this is how you feel, encourage Google to fix the problem. This isn't > Firefox's fault, Firefox is doing the right thing by supporting > standardized APIs instead of "whatever Google uses". It's incredibly > frustrating and demoralizing to see

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

On Thursday, 14 March 2019 13:12:24 UTC-5, JC Jones wrote: > However, a multi-year delay for the largest security key-enabled web > property is, I think, unreasonable to push upon our users. We should > do what’s necessary to enable full security key support on Google > Accounts as quickly as is

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

On Thu, Mar 14, 2019 at 11:25 AM Alex Gaynor wrote: > one overriding concern: phishing, particularly moderately-sophisticated > phishing which can handle forms of 2FA such as TOTP, SMS, or push, is a > scourge. TOTP was never much defense against phishing, just password compromise (shoulder sur

Re: Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

cal response to > phishing, which is why we’ve championed it as a technology. All major > browsers either support it already, or have their support in-progress, > yet adoption by websites has been slow. The deprecated Javascript API > that WebAuthn replaces, the FIDO U2F API [0], is

Intent-to-Ship: Backward-Compatibility FIDO U2F support for Google Accounts

, the FIDO U2F API [0], is mostly confined to Chromium-based browsers. # tl;dr # To make security keys work with Google Accounts in the near future, I propose enabling our FIDO U2F API for google.com domains, controlled by a whitelist preference. Waiting on Google Accounts to fully support Web

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

Henri, I think there's value in providing an impetus to Google Accounts to migrate from U2F-style enrolled credentials to Web Authentication-style. That said, I agree, it shouldn't be an ongoing maintenance burden. Thanks, all, for the input on this intent-to-ship. I've filed Bug

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

On Tue, Jan 30, 2018 at 6:49 PM, J.C. Jones wrote: > I also recognize that Google > Accounts is the largest player in existing U2F device enrollments. ... > If we choose not to do this, Google Accounts users who currently have U2F > enabled will not be able to authenticate using F

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

ogram (which mandates only u2f two-factor). This has meant a number of us have to have two browsers open as we literally cannot use those accounts in Firefox. I'm a bit worried about what will happen if Google APP enrollees have to re-enroll tokens instead of the seamless harcoded allowance... I&

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

that. > > They are concerned about Google Accounts that are accessed using a U2F > device very infrequently (once or twice per year) needing multiple > opportunities to re-enroll, hence asking for the long period. > > If we choose a shorter period, the worst-case is some of tho

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

My understanding is that the gstatic migration will take effect as soon as Google deploys Web Authentication. Re-enrolling devices will start some unspecified time after that. They are concerned about Google Accounts that are accessed using a U2F device very infrequently (once or twice per year

Re: Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

On Tue, Jan 30, 2018 at 8:49 AM, J.C. Jones wrote: > Summary: Support already-enrolled U2F devices with Google Accounts for Web > Authentication > > Web Authentication is on-track to ship in Firefox 60 [1], and contains > within it support for already-deployed USB-connected FIDO U

Intent to Ship - Support already-enrolled U2F devices with Google Accounts for Web Authentication

Summary: Support already-enrolled U2F devices with Google Accounts for Web Authentication Web Authentication is on-track to ship in Firefox 60 [1], and contains within it support for already-deployed USB-connected FIDO U2F devices, and we intend to ship with a spec extension feature implemented

Re: u2f

OK, that seems to jive with the Fedora bug that needed u2f-hidraw-policy: https://bugzilla.redhat.com/show_bug.cgi?id=1513968 Given that, ibhidapi-hidraw0 might be what's needed on Debian, but I haven't tested it yet. I've filed Bug 1434277 <https://bugzilla.mozilla.org/show_

Re: u2f

On Mon, Jan 29, 2018 at 09:36:15AM -0700, J.C. Jones wrote: > The only big U2F property I am familiar with that our support doesn't > function for is Google Accounts, but I'm sure there are others. (It'd be > interesting to get a list. I'll take that to a different thr

Re: u2f

s truly "allow ME to use my ubikeys?" (emphasis mine) > then you can do that since Firefox 57, by changing some internal prefs. > https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/ > > If you question was more the "support this standard fully" part t

Re: u2f

Our U2F support is incomplete, due to complexities with and ambiguities related to the algorithm U2F uses to bypass the single-origin security policy. I chose not to spend the time to implement that in favor of Web Authentication. The only big U2F property I am familiar with that our support

Re: u2f

n do that since Firefox 57, by changing some internal prefs. https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/ I've tried this in 57 at that time and 58 this weekend on Linux without getting it to work. So for sites I need to log in that support U2F I currently need t

Re: u2f

ging some internal prefs. https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/ If you question was more the "support this standard fully" part that's a trick question. U2F is not a standard and even members of the group that pushed it have implemented some things

Re: u2f

On 1/27/18 9:35 PM, greyhorseman wrote: so we're talking 2 full releases and maybe 6-7 months? Am I at at least close to correct. According to , Firefox 60 should shop in about 3.5 months if nothing weird happens. -Boris __

Re: u2f

On Friday, January 26, 2018 at 9:34:19 PM UTC-5, Daniel Veditz wrote: > On Fri, Jan 26, 2018 at 6:06 PM, greyhorseman wrote: > > > question is when, if ever, Firefox is going to support this standard fully > > and allow me to use my ubikeys? > > > > https://hacks.mozilla.org/2018/01/using-hardwa

Re: u2f

On Fri, Jan 26, 2018 at 6:06 PM, greyhorseman wrote: > question is when, if ever, Firefox is going to support this standard fully > and allow me to use my ubikeys? > https://hacks.mozilla.org/2018/01/using-hardware-token-based-2fa-with-the-webauthn-api/ __

u2f

question is when, if ever, Firefox is going to support this standard fully and allow me to use my ubikeys? ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Intent to implement and ship: FIDO U2F API

> what Dirk says is correct, namely that the FIDO interface to Token Binding > and Channel ID are very similar. However, we have to implement one or the > other or both in TLS, and I don't see a lot of value in doing both. > > > I am still concerned about Mozilla Foundation d

Re: Intent to implement and ship: FIDO U2F API

On Monday, February 8, 2016 at 10:54:36 PM UTC+1, Ryan Sleevi wrote: > On Mon, Feb 8, 2016 at 1:13 PM, Frederic Martin wrote: > > > > 1) From a security architect perspective. This is an official > > recommendation that makes sens to prevent MITM attacks. FIDO U2F was &g

Re: Intent to implement and ship: FIDO U2F API

ozilla Foundation deciding not to implement > this protection inside Firefox for two main reasons. > > 1) From a security architect perspective. This is an official > recommendation that makes sens to prevent MITM attacks. FIDO U2F was > created to minimize/eliminate that kind of risk. T

Re: Intent to implement and ship: FIDO U2F API

On Mon, Feb 8, 2016 at 1:13 PM, Frederic Martin wrote: > > 1) From a security architect perspective. This is an official recommendation > that makes sens to prevent MITM attacks. FIDO U2F was created to > minimize/eliminate that kind of risk. U2F itself addresses phishing. T

Re: Intent to implement and ship: FIDO U2F API

aEO29oIeEAAJ I am still concerned about Mozilla Foundation deciding not to implement this protection inside Firefox for two main reasons. 1) From a security architect perspective. This is an official recommendation that makes sens to prevent MITM attacks. FIDO U2F was created to minimize/elimin

Re: Intent to implement and ship: FIDO U2F API

On Fri, Feb 5, 2016 at 3:22 PM, Fred Le Tamanoir wrote: > Hi, > > Great news about you making progress on this ! > > Since I read here and there that you are working with Firefox & Chrome U2F > support consistency in mind, what's your take on TLS Channel ID (Toke

Re: Intent to implement and ship: FIDO U2F API

Hi, Great news about you making progress on this ! Since I read here and there that you are working with Firefox & Chrome U2F support consistency in mind, what's your take on TLS Channel ID (Token Binding) support inside Firefox ? It is a recommended feature for FIDO U2F client (Fir

Re: Intent to implement and ship: FIDO U2F API

All, We're making progress on implementing FIDO U2F in Firefox. The effort is split into a number of bugs at present. First, a quick rundown of where we are: * The tracking bug for U2F support is Bug 1065729. * Bug 1198330 is to implement USB HID support in Firefox. * Bug 1231681 implement

Re: Intent to implement and ship: FIDO U2F API

Alliance. > Work has begun in the W3C to create open standards using FIDO as a starting > point. We are proposing to implement the FIDO U2F API in Firefox in its > current form and then track the evolving W3C standard. > > Background: The FIDO Alliance has been developing a standard f

Re: Intent to implement and ship: FIDO U2F API

I'm no longer directly involved with the FIDO Alliance, so I can't speak to the FIDO 2.0 timelines, but my general experience there plus at the W3C tells me that it will some time before the new APIs stabilize. I hope that this won't dissuade Mozilla from beginning work on i

Re: Intent to implement and ship: FIDO U2F API

On 12/04/2015 06:56 PM, smaug wrote: Looks like the spec could be made implementable by fixing https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#high-level-javascript-api "provide a namespace object u2f of the following interface" do

Re: Intent to implement and ship: FIDO U2F API

Looks like the spec could be made implementable by fixing https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#high-level-javascript-api "provide a namespace object u2f of the following interface" doesn't mean anything, so either th

Re: Intent to implement and ship: FIDO U2F API

finished) and can't be implemented, so let's focus on existing solutions with existing specifications and existing products (the ones that work with google/gmail, github, dropbox and many federated identity portals. FIDO U2F specifications are complete for USB/HID devices & desktop br

Re: Intent to implement and ship: FIDO U2F API

e > > W3C version will be much nicer. > > This seems like like a strange path to take. Why implement both? (already discussed but let's summarize) There are plenty of existing U2F source code, online services and hardware products already available for U2F, unluckily only su

Re: Intent to implement and ship: FIDO U2F API

te events, happened to have been launched beyond > the scope of a few limited sites. Oh believe me, U2F is not ready to die. U2F is a great second factor solution, whatever ongoing FIDO 2 discussion. > > Are you following the Fido Alliance on going work? > > To an extent my s

Re: Intent to implement and ship: FIDO U2F API

On 12/2/15 6:48 AM, Richard Barnes wrote: My initial intent was to propose implementing [1], then implementing [2] when it's ready. After all, there's a lot in common, and as you say, the W3C version will be much nicer. This seems like like a strange path to take. Why implement both? From el

Re: Intent to implement and ship: FIDO U2F API

t; things that are currently discussed without even an agenda. And I don't even > speak about the authenticator side, there is no information/specifications at > all for that. To an extent my sanity permits, yes. > Please focus on existing full specifications with existing services

Re: Intent to implement and ship: FIDO U2F API

s is even more flagrant. Are you following the Fido Alliance on going work? there are tons of things that are currently discussed without even an agenda. And I don't even speak about the authenticator side, there is no information/specifications at all for that. Please focus on existing fu

Re: Intent to implement and ship: FIDO U2F APIU

On 12/2/15 5:42 PM, Ryan Sleevi wrote: On Wednesday, December 2, 2015 at 1:17:46 PM UTC-8, smaug wrote: I don't understand how 1) could be implemented when the spec has left the key piece undefined, as far as I see. As the spec puts it "This specification does not describe how such a port is m

Re: Intent to implement and ship: FIDO U2F API

On Wednesday, December 2, 2015 at 1:17:46 PM UTC-8, smaug wrote: > I don't understand how 1) could be implemented when the spec has left the key > piece undefined, as far as I see. > As the spec puts it "This specification does not describe how such a port is > made available to RP web pages, as

Re: Intent to implement and ship: FIDO U2F API

On Wed, Dec 2, 2015 at 1:11 PM, Frederic Martin wrote: > > > There are probably other questions Mozilla Core Team should ask to > > > themselves : > > > > > > - Having a greater/larger HID Support, outside the FIDO U2F scope ? > > > (This allows web s

Re: Intent to implement and ship: FIDO U2F API

ted, so let's focus on existing solutions with existing specifications and existing products (the ones that work with google/gmail, github, dropbox and many federated identity portals. FIDO U2F specifications are complete for USB/HID devices & desktop browsers. Additional information (cop

Re: Fido U2F, two-factor authentication support

Le lundi 9 novembre 2015 18:29:20 UTC+1, Michael Schwartz (m...@gluu.org) a écrit : > Hi guys... if you need a FIDO U2F server to test against, the Gluu Server has > endpoints built in. Its really easy to deploy on Ubuntu / Centos: > http://www.gluu.org/docs/admin-guide/deployment/ >

Re: Intent to implement and ship: FIDO U2F API

create open standards using FIDO as a starting point. We are proposing to implement the FIDO U2F API in Firefox in its current form and then track the evolving W3C standard. Background: The FIDO Alliance has been developing a standard for hardware-based user authentication known as “Universal Two

Re: Intent to implement and ship: FIDO U2F API

On 12/02/2015 07:25 AM, ryan.sle...@gmail.com wrote: On Tuesday, December 1, 2015 at 6:04:30 PM UTC-8, Jonas Sicking wrote: Oh well. Bummer. / Jonas If it cheers you up any, the 2.0 API that replaces the U2F API uses promises - http://www.w3.org/Submission/2015/SUBM-fido-web-api-20151120

Re: Intent to implement and ship: FIDO U2F API

> > There are probably other questions Mozilla Core Team should ask to > > themselves : > > > > - Having a greater/larger HID Support, outside the FIDO U2F scope ? > > (This allows web services to communicate with HID devices - i.e. > > that's how some cr

Re: Intent to implement and ship: FIDO U2F API

On 2015-12-02 9:48 AM, Richard Barnes wrote: On Wed, Dec 2, 2015 at 12:25 AM, wrote: On Tuesday, December 1, 2015 at 6:04:30 PM UTC-8, Jonas Sicking wrote: Oh well. Bummer. / Jonas If it cheers you up any, the 2.0 API that replaces the U2F API uses promises - http://www.w3.org/Submission

Re: Intent to implement and ship: FIDO U2F API

On Wed, Dec 2, 2015 at 9:53 AM, Robert O'Callahan wrote: > On Wed, Dec 2, 2015 at 9:37 AM, Eric Rescorla wrote: > >> Are you thinking of something like WebUSB? >> (https://reillyeon.github.io/webusb/)? This is something we've looked at >> a bit but we're still trying to wrap our heads around the

Re: Intent to implement and ship: FIDO U2F API

On 02.12.2015 18:53, Robert O'Callahan wrote: > On Wed, Dec 2, 2015 at 9:37 AM, Eric Rescorla wrote: > >> Are you thinking of something like WebUSB? >> (https://reillyeon.github.io/webusb/)? This is something we've looked at >> a bit but we're still trying to wrap our heads around the security >>

Re: Intent to implement and ship: FIDO U2F API

On Wed, Dec 2, 2015 at 9:37 AM, Eric Rescorla wrote: > Are you thinking of something like WebUSB? > (https://reillyeon.github.io/webusb/)? This is something we've looked at > a bit but we're still trying to wrap our heads around the security > implications. > Where are we discussing that? I'd re

Re: Intent to implement and ship: FIDO U2F API

gt; There are probably other questions Mozilla Core Team should ask to > themselves : > > - Having a greater/larger HID Support, outside the FIDO U2F scope ? > (This allows web services to communicate with HID devices - i.e. > that's how some cryptocurrencies hardware wallets are usin

Re: Intent to implement and ship: FIDO U2F API

Hi All, great news ! TL;DR version: -- I love U2F, I love Firefox FIDO U2F is here to stay. FIDO 2.0 do not exist and will not replace U2F. FIDO U2F is really great. Please implement FIDO U2F. Please please please implement TLS Channel ID Binding support (important part of FIDO U2F

Re: Intent to implement and ship: FIDO U2F API

On 12/2/15 8:53 AM, Ms2ger wrote: I don't remember what the current conventional wisdom about prefixing is, but I would be open to shipping with a prefix if people thought that would ease pain in the eventual transition. No. Nonononononononono. This is the conventional wisdom. Prefixes end up

Re: Intent to implement and ship: FIDO U2F API

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/02/2015 03:48 PM, Richard Barnes wrote: > I think we would treat this just like we treat other early-stage > things that get shipped, gradually turning it off when the real > thing shows up. That would mean only shipping it on Nightly and maybe

Re: Intent to implement and ship: FIDO U2F API

On Wed, Dec 2, 2015 at 12:25 AM, wrote: > On Tuesday, December 1, 2015 at 6:04:30 PM UTC-8, Jonas Sicking wrote: > > Oh well. Bummer. > > > > / Jonas > > If it cheers you up any, the 2.0 API that replaces the U2F API uses > promises - http://www.w3.org/Submission/2

Re: Intent to implement and ship: FIDO U2F API

On Tuesday, December 1, 2015 at 6:04:30 PM UTC-8, Jonas Sicking wrote: > Oh well. Bummer. > > / Jonas If it cheers you up any, the 2.0 API that replaces the U2F API uses promises - http://www.w3.org/Submission/2015/SUBM-fido-web-api-20151120/ Richard, it would help if you could clar

Re: Intent to implement and ship: FIDO U2F API

Oh well. Bummer. / Jonas On Tue, Dec 1, 2015 at 5:36 PM, Richard Barnes wrote: > It's my understanding that U2F qua U2F is considered pretty much baked by > the developer community, and there's already code written to it. But these > concerns will be great for the W3C grou

Re: Intent to implement and ship: FIDO U2F API

It's my understanding that U2F qua U2F is considered pretty much baked by the developer community, and there's already code written to it. But these concerns will be great for the W3C group and the successor API. I've got a similar list started related to crypto and future-pro

Re: Intent to implement and ship: FIDO U2F API

n the W3C to create open standards using FIDO as a starting > point. We are proposing to implement the FIDO U2F API in Firefox in its > current form and then track the evolving W3C standard. > > Background: The FIDO Alliance has been developing a standard for > hardware-based u

Intent to implement and ship: FIDO U2F API

point. We are proposing to implement the FIDO U2F API in Firefox in its current form and then track the evolving W3C standard. Background: The FIDO Alliance has been developing a standard for hardware-based user authentication known as “Universal Two-Factor” or U2F [2]. This standard allows a website

Re: Fido U2F, two-factor authentication support

a question of resources. If you have funds or browser engineering chops, patches welcome. It is also about having a good spec to implement. As far as I see, the current spec is more like a initial draft. Stuff like "obtain U2F MessagePort in a browser specific manner" don't sou

Re: Fido U2F, two-factor authentication support

a question of resources. If you have funds or browser engineering chops, patches welcome. It is also about having a good spec to implement. As far as I see, the current spec is more like a initial draft. Stuff like "obtain U2F MessagePort in a browser specific manner" don't sou

Re: Fido U2F, two-factor authentication support

On Sat, Nov 28, 2015 at 9:09 AM, Ian Young wrote: > Maybe a > Mozillian could drop in and give us an explanation of how the W3C > process influences what gets implemented and when? Well, it doesn't really, many things are standardized by the W3C that are a poor fit for browsers. What gets impleme

Re: Fido U2F, two-factor authentication support

FIDO has now submitted the U2F Web API to the W3C[1]. I know this only makes it a *proposed* standard, but I would hope having it on this track would be enough to bump it up a bit in Mozilla's priorities. Maybe a Mozillian could drop in and give us an explanation of how the W3C process influ

Re: Fido U2F, two-factor authentication support

On 18/11/15 19:26, phow...@ccvschools.com wrote: > This is definitely an important feature, but I'm not holding my > breath. I have had a lot of experience with Mozilla over the years > and I really doubt anything will materialize in the near future. Feeling particularly entitled today, are we?

Re: Fido U2F, two-factor authentication support

On Thursday, November 5, 2015 at 1:18:44 AM UTC-7, Jeroen Hoek wrote: > In December 2014 the first public release of the Fido alliance's > Universal 2nd Factor (U2F) specification was published. The idea behind > this open specification is to provide a secure two-factor authentic

Re: Fido U2F, two-factor authentication support

Hi guys... if you need a FIDO U2F server to test against, the Gluu Server has endpoints built in. Its really easy to deploy on Ubuntu / Centos: http://www.gluu.org/docs/admin-guide/deployment/ Also, I recorded a geeky video on how to test FIDO U2F: http://gluu.co/fido-u2f Basically, check

Re: Fido U2F, two-factor authentication support

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There is an experimental add-on being worked on that tries bring U2F support to Firefox. The source code is at <https://github.com/prefiks/u2f4moz>, but it has not yet gone through the Add-on review process. Btw, the most important thing

Re: Fido U2F, two-factor authentication support

+1 I would love love love to have U2F in Firefox. (Also, Dropbox supports it too, just as a data point: http://blogs.dropbox.com/dropbox/2015/08/u2f-security-keys/ ) On Thu, Nov 5, 2015 at 5:18 PM, Jeroen Hoek wrote: > In December 2014 the first public release of the Fido allianc

Fido U2F, two-factor authentication support

In December 2014 the first public release of the Fido alliance's Universal 2nd Factor (U2F) specification was published. The idea behind this open specification is to provide a secure two-factor authentication method with affordable hardware keys and a friendly UX. If I buy a hardware key