Yubico Forum

Hello folks,

I was in the process of configuring my new YK4 and have a question regarding the OTP public key length. In the personalization tool I can change the length of the Public Identity. The software states that 6 bytes is the default length as required by the Yubico OTP validation server. It does not state whether that is the only length for OTP validation allowed. When I read through the Yubico Personalization Tool manual located at http://www.yubico.com/wp-content/uploads/2016/03/YubiKeyPersonalizationToolUserGuideMarch2016.pdf it states on page 18 of 48 the following;



So I changed the public identity length to 16 and went to apply it to slot 1. Now the software states if I change the length to anything other than 6 the OTP validation server will not be able to extract the secret key and validation will fail.

Which statement is correct? The one in the manual which allows me to increase the length of the public identity or the software statement?

Thanks in advance for any answers you can give me.

6 bytes is required for using the YubiCloud (for user-programmed credentials, "vv" followed by any 10 modhex characters). Are you trying to use the YubiCloud, or are you trying to implement your own validation server?

Hello Chris



So if I understand you correctly the manual is incorrect where it states that the public identity must be 6bytes or More to use with the Yubico validation servers?

Thanks

DOA

The protocol allows for more the 6 bytes.

CC
VV

public ids will be reserved for YubiCloud and are 6 bytes long (for now)