Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:34 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Fri Feb 24, 2017 10:51 pm 
Offline

Joined: Sat Mar 21, 2015 9:44 am
Posts: 15
Would it theoretically be possible for the U2F protocol to be used in an offline environment where a client only needs to authenticate against an application? This could allow the application to store the public information with less security risk than an actual symmetric key used for OTPs or other MFA protocols.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Mar 15, 2017 9:43 am 
Offline

Joined: Wed Mar 15, 2017 9:15 am
Posts: 9
Sure. You will have to deploy your own server, but there are plenty of libraries around for that: https://developers.yubico.com/U2F/Libra ... aries.html

Bear in mind that U2F is a web-centric protocol - it will work well in a intranet setting, but you will make matters unnecessarily complex if you use it for software that does not already implement a client-server model of some sort.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group