Yubico Forum
https://forum.yubico.com/

Offline client use of U2F protocol
https://forum.yubico.com/viewtopic.php?f=33&t=2580
Page 1 of 1

Author:  MRuth [ Fri Feb 24, 2017 10:51 pm ]
Post subject:  Offline client use of U2F protocol

Would it theoretically be possible for the U2F protocol to be used in an offline environment where a client only needs to authenticate against an application? This could allow the application to store the public information with less security risk than an actual symmetric key used for OTPs or other MFA protocols.

Author:  Sevo [ Wed Mar 15, 2017 9:43 am ]
Post subject:  Re: Offline client use of U2F protocol

Sure. You will have to deploy your own server, but there are plenty of libraries around for that: https://developers.yubico.com/U2F/Libra ... aries.html

Bear in mind that U2F is a web-centric protocol - it will work well in a intranet setting, but you will make matters unnecessarily complex if you use it for software that does not already implement a client-server model of some sort.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/