I started to try a #comparison with all mainstream #FIDO2 #security #keys.
Here Is the comparison:
https://docs.google.com/spreadsheets/d/1o_l6ieNRgf4IDYFcTNuw2st96VjrB-djtT2BMRhRDbI/edit?usp=sharing
it is really hard to compare since vendors are super unstructured
please #boost for more reach
contributors welcome
https://docs.google.com/spreadsheets/d/1o_l6ieNRgf4IDYFcTNuw2st96VjrB-djtT2BMRhRDbI/edit?usp=sharing
updated #fido2 #fido #securitykey #comparison draft Version 0.8
#yubikey #nitrokey #gotrust #feitian #solokey #titan #google
#mfa #u2f
@Fr333k @matthegap @shellsharks @FritzAdalis
@heisec
If updates are needed Post a reply here
Credits to
@Fr333k @matthegap @shellsharks @FritzAdalis
Updated version of #fido2 #hardware #comparison #mfa is always on:
https://docs.google.com/spreadsheets/d/1o_l6ieNRgf4IDYFcTNuw2st96VjrB-djtT2BMRhRDbI/edit?usp=sharing
Comparison [email protected] Vendor,Feitian,Feitan,Feitan,Google Titan,Gotrust,Gotrust,Yubico,Yubico,Yubico,Nitrokey,SoloKey Stick / Model,K49,K40,K40Plus,USB C Version,Idem Key USB C ,Idem Key Plus USB C ,yubik 5C NFC FIPS,yubikey5C Bio,Sec Key C NFC,Nitrokey 3 USB C ,Solo 2C+ FIP...
@kravietz @Fr333k @matthegap @shellsharks @FritzAdalis @heisec
Is there a technical exact „term“ for ssh priv key on stick?
Well, looking at ssh-keygen(1), they speak of “keys hosted on FIDO authenticator”, with a separate class of keys called “resident” which can be uploaded to or downloaded from the token, or just keys that are generated on the token and never exported.
@Fr333k @kravietz @matthegap @FritzAdalis @shellsharks @heisec
Big differentiator as far as I understand is „dumb storage“ in and out. Or one way
Am I missing something or is every thing one way?
EINGFOAN 
kravietz 🦇
Martin Schmiedecker
chrysn