Cyan, like the colorDec 9
? lmao okay
Show threadCyan, like the colorDec 9
"we were tired of supporting a 2fa protocol so instead of sending multiple emails over a fairly long period to let people switch to the new one, we're just gonna turn it off for them right now and switch to a low-security alternative. bye!"
Show threadbaloo

@wxcafe as the person who implemented that shit in the first place, that actually hurts. Code supported both generations of keys, the backend library still supports both generation (https://github.com/Yubico/python-fido2 CTAP1/CTAP2). I’ve made the fixes in the upstream library to support both myself. This is purely laziness or incompetence.

They also disabled the backup key I have stored at my parent’s house. So easy to replace on a whim…

GitHub - Yubico/python-fido2: Provides library functionality for FIDO 2.0, including communication with a device over USB.

Provides library functionality for FIDO 2.0, including communication with a device over USB. - Yubico/python-fido2

GitHub
Dec 9 at 5:40pmWeb
Show threadCyan, like the colorDec 9
@baloo bah j'me souviens bien ouais 😬
Show threadbalooDec 9

@wxcafe I think ... I understand why...

They rewrote account.gandi.net and made a 404 of the facet id static file ...

https://account.gandi.net/api/u2f/trusted_facets.json

This will break any FIDO1 auth ...

Like I said ... incompetence.

Show threadbalooDec 9

@wxcafe This file declares who can consume the security token. The private is bound to the digest of the URL. This was a quirk of U2F / FIDO1 ...

If you remove it, you break the u2f flow.

Show threadCyan, like the colorDec 9
@baloo lol send them an email and a consulting invoice
Show threadMorten LinderudDec 9

@baloo @wxcafe

Happy I moved away recently 🫠🫠🫠🫠