bip44 GPG identities - POC demo



Summary:

In an email thread, Pavol Rusnak discussed his implementation of a SignIdentity message for TREZOR, intended for HTTPS/SSH logins. He shared the idea of deriving the BIP32 path from the HTTPS/SSH URI and using that path to derive the private key; the same scheme could also work for GPG keys. Another member of the thread mentioned FIDO's U2F protocol (which ties into the browser SSL session to prevent credential phishing) as well as Yubico's FIDO U2F security key, which generates a unique keypair for each service for privacy purposes. Use of the device alone does not make it easy to identify people with multiple pseudonyms across services.
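The URI-to-path idea described above, as an added sketch that is not code from the thread or from TREZOR. The summary does not give the exact mapping, so the one used here is an assumption modelled on the scheme later published as SLIP-0013: SHA-256 over a little-endian index plus the URI, with the first 128 bits split into four hardened indices under purpose 13'. The seed, URIs and function names are constructed for illustration.

```python
import hashlib, hmac, struct

HARDENED = 0x80000000
# Order of the secp256k1 group, used by BIP32 private-key derivation.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def identity_path(uri, index=0, purpose=13):
    """Map a login URI to five hardened BIP32 indices (assumed mapping)."""
    digest = hashlib.sha256(struct.pack("<I", index) + uri.encode()).digest()
    parts = struct.unpack("<4I", digest[:16])  # first 128 bits -> 4 x uint32
    return [purpose | HARDENED] + [p | HARDENED for p in parts]

def format_path(path):
    return "m/" + "/".join(f"{i & ~HARDENED}'" for i in path)

def master_key(seed):
    """BIP32 master key and chain code from a seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(i[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("seed yields an invalid master key")
    return key, i[32:]

def ckd_priv_hardened(key, chain, index):
    """BIP32 hardened child derivation: needs the parent private key."""
    data = b"\x00" + key.to_bytes(32, "big") + struct.pack(">I", index)
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + key) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key for this index")
    return child, i[32:]

def identity_key(seed, uri, index=0):
    """Private key (as an int) dedicated to one URI."""
    key, chain = master_key(seed)
    for idx in identity_path(uri, index):
        key, chain = ckd_priv_hardened(key, chain, idx)
    return key

if __name__ == "__main__":
    seed = bytes(range(32))  # constructed demo seed, never use a real one here
    for uri in ("https://alice@example.com", "ssh://alice@example.org"):
        print(uri, format_path(identity_path(uri)))
        print("  key fingerprint:", hashlib.sha256(
            identity_key(seed, uri).to_bytes(32, "big")).hexdigest()[:16])
```

Because every index is hardened, the key for one service cannot be derived from, or linked to, the key for another without the seed, which is the per-service privacy property the thread compares with U2F.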


Updated on: 2023-06-09T18:23:42.185520+00:00