[lug] Yubikey

Kevin Fenzi kevin at scrye.com
Fri Oct 15 12:31:19 MDT 2010


On Wed, 13 Oct 2010 19:35:43 -0600
"David L. Anselmi" <anselmi at anselmi.us> wrote:

> Maxwell Spangler wrote:
> > Anybody care to comment on this?  Some fedora projects are adding
> > support for it.
> >
> > http://yubico.com/products/yubikey/
> 
> The downside to me is that you need a separate key for each org that
> wants to authenticate you.  If you have a private key on a smart card
> you can use it to authenticate to anyone who can figure out how to
> accept an arbitrary key.  Or who can figure out how to get their key
> on the card you already have.

Yeah. The new yubikeys can do two keys... (short press -> 1st key, long
press -> 2nd key), but thats not very scalable. ;) 

I think the thought is that you can use openid from one provider on
others. 

kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20101015/e0c21170/attachment.pgp>


More information about the LUG mailing list