Open dr-br opened 4 years ago
Any updates? Yubikey supports ed25519.
Hi @dr-br ! We do not have plans for it at the moment, however I believe we would like to have it supported in the future.
Thanks for the update.
Any update on this?
Hi @ge-fa ! Sorry for the delay.
Hopefully this should be added in the coming firmware, scheduled for the release in the next 1-2 weeks.
Sorry to stress you. But could you please update the estimate? My Nitrokey is laying around unused since April because I thought I could directly start using it with my preferred algorithm.
Thnk you!
Hi @thkoch2001 !
Sorry for the delay. Quick follow up, initial solution is under tests in https://github.com/Nitrokey/nitrokey-fido2-firmware/tree/39-support-ed25519 branch. So far looks good.
Will this be merged into master?
How to flash the resulting nitrokey-fido2-firmware/builds/debug-256/nitrokey-fido2-firmware-256kB-dev-2.4.1.nitrokey-30-g1346baa-all-to_flash.hex
onto the device?
Or how do I tell nitropy to use this file?
Thank you.
Hi @dr-br !
after nearly a year, any updates? it still doesn't work
Today, it works. Thanks for the firmware update.
Today, it works. Thanks for the firmware update.
? there was no update since May 2021
I am sorry, but work on this ticket is not planned as of now due to lack of time. While this feature was implemented and tested on the development hardware while flashed freshly, after a firmware update the devices were not booting at all. It still needs a couple of days to determine the cause and find a solution.
What merge request is associated with the ed25519-sk keys? I was not able to find one, but maybe it can be linked here
And how long is a couple of days? Because if there are no resources available for this ticket, I understand we cannot expect progress as well?
Hey @ailox , I've made a draft PR with the branch containing the mentioned unfinished code. My last work estimation for this issue was a couple of days/a week (with potential extension further, since the cause of the problem is unknown), but we do not have that in the time budget right now. Currently project is treated as mature, with new releases containing bugfixes only and no new features. In case some volunteers would like to push this work further with good results, I could ask in the team about deciding to release that officially.
I hate to sound like a broken record, but I too would like to know if there are any updates regarding this issue.
The way forward is to use Nitrokey 3 which supports ed25519.
@jans23 that's true, but why I should buy and support them if the support is so bad? They have supported the Fido2 Stick for less than 2years.. why should this not repeat itself? that makes little courage to buy new when these are supported just as short... that reminds me of Android phones and their update strategy
Essentially the business model of selling hardware is the challenge here. How much did you donate to us for firmware development after buying the Nitrokey FIDO2 for € 29? I assume zero. So your expectation to implement new features after purchasing the product conflicts with our economical resources. This is why from many other vendors you receive no or little firmware updates. BTW, we did support many of our Nitrokeys for many years, far more than two years and we do want to keep doing so.
In order to be able to provide longer software support we came up with two solutions:
Woah now, I did not realize there was an expectation of paying for security updates. If you guys need more money, then charge more for the security keys. It's not economically sound to expect users to pay for firmware updates. I think I will just buy a product from yubico instead. Sure the firmware is closed source, but so is my computer's firmware. And by the way, Lenovo, MSI, or even System76 do not charge for firmware update support.
This is not a security update but a feature request to support another cipher. If you want ed25519 support, please buy Nitrokey 3.
I actually bought a fido2 and a nitrokey3, and donated for firmware updates for the fido2.
I would like to use ed25519-sk with my FIDO2 stick. Currently the situation is as follows:
Thanks!