Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
|
|
Short answer: Ignore it.
Long answer: It is used to verify the service that a device was manufactured by a specific manufacturer in a specific batch. It is generally only interesting to very paranoid companies. It is not really useful information for end users, and most non-debug implementations should hide it from view. All consumer U2F tokens do not use the attestation certificate to uniquely identify the device (for privacy reasons), so the private key for the attestation certificate (not to be confused with the "device master secret", which is unique to each device) is shared by batches of tokens.
Last edited by darco on Tue Dec 16, 2014 9:09 pm, edited 1 time in total.
|
|
Login
FAQ
Search
