Closed duncancmt closed 4 years ago
@duncancmt That is correct, OnlyKey supports a single U2F profile that works with each slot. It would not be possible to support multiple U2F profiles per slot, however it will support two in the next firmware release. One for the primary profile and one for the secondary.
It appears that OnlyKey is not separating the certificates (or key material?) for different U2F slots. Any slot configured for U2F will correctly authenticate for all U2F configurations
Setup: Configure a slot (let's say 1a) as U2F, register with some some site (let's say FooCorp) Configure a different slot (let's say 2a) as U2F, register with some other site (let's say BarCorp) Begin authenticating to FooCorp Briefly press button 2, to request slot 2a (provisioned for BarCorp)
Expected behavior: Failure to authenticate
Observed behavior: Authentication succeeds