Yubico Forum
https://forum.yubico.com/

[QUESTION] Display serial# and firmware of Blue Security Key
https://forum.yubico.com/viewtopic.php?f=33&t=2028
Page 1 of 1

Author:  vitus [ Sun Sep 13, 2015 1:38 am ]
Post subject:  [QUESTION] Display serial# and firmware of Blue Security Key

I have two of the blue security keys. They do not have serial numbers etched into them like normal Yubikeys. The personalization tool also does not recognize them because they are are not normal Yubikeys.

How can I get the serial number and firmware revisions for these devices. At the moment I have to keep VERY close attention to them because I cannot tell them apart!

Author:  Tom2 [ Mon Sep 14, 2015 11:10 am ]
Post subject:  Re: [QUESTION] Display serial# and firmware of Blue Security

A short explanation:
There is no serial number or marking by design on the Security Key by Yubico.
If you'd lose that device none would be able to associate it to you (assuming a corporate environment)

Usually you second (backup keys should be stored somewhere safe in case you'd lose/break your main device)

Author:  brendanhoar [ Mon Sep 14, 2015 6:03 pm ]
Post subject:  Re: [QUESTION] Display serial# and firmware of Blue Security

Tom2 wrote:
A short explanation:
There is no serial number or marking by design on the Security Key by Yubico.
If you'd lose that device none would be able to associate it to you (assuming a corporate environment)

Usually you second (backup keys should be stored somewhere safe in case you'd lose/break your main device)


That makes sense: the design eschews a distinct ID visible to all. Each negotiated-with website can cryptographically validate that key against a previous negotiation with that particular website (usually associated with a particular user account), but cannot validate the key for other sites.

Still, I'd like to see the configuration tool recognize that there's a U2F-only key inserted, even if there's no particular key-specific identifiable data available.

Though...my understanding is that there is supposedly a manufacturer/batch group identifier (which is not unique to the key, but is shared by n keys in a batch of n keys). Perhaps that could also be presented, if it's outwardly readable?

Thanks.

Brendan

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/