Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> The point is you would have a different key on different devices, each of which can access your account.

How would you sign up a new service under this scheme?

Enroll with one device, swap the hardware key, and enroll with the other key?

What if two device are not in the same physical location?



At the moment, yes, that's the process, annoyingly. Ideally, you would sign up with one and then be able to automatically enroll the others, which is in principle possible if you don't use resident keys and instead each device has the public key of the other devices you want enrolled at the same time, but I don't think is currently supported by the standards.


There have been many proven approaches how to solve this.

For example "blessing" the enrollment of a device using another one, potentially across physical locations (i.e. similar to what discord and steam did at least for a time as far as I remember).

> How would you sign up a new service under this scheme?

the same way you do now, there is no difference




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: