dehanj
commented
3 months ago I think this is a good idea. It lowers the risk by not having the same private key, when the use case is not, strictly speaking, the same.
Open mchack-work opened 3 months ago
dehanj
commented
3 months ago I think this is a good idea. It lowers the risk by not having the same private key, when the use case is not, strictly speaking, the same.
Using the same device app for different client apps (with same or no USS) gives us the exact same CDI, often used as a secret key.
In other cryptographic systems it's now commonplace to use a context/associated data with key material to differentiate between different uses of the keys. Perhaps we should, too?
If we did, we would get a different CDI for the exact same device app binary
tkey-device-signerif used intkey-ssh-agentcompared to, say, intkey-sign-cli.One way to do this would be to simply append something at the end of the binary when loading, for instance just the name of the client app.
What do you think?