Wish: Standardized Device onboarding
Supporting fido standard could enhance value of onrio for IoT usecases by adding "passwordless capabilities":
According to this short intro:
I understand that there is a trend to replace passwords by stronger authentications, sounds nice but we need to check how the commitment of "Privacy and Security by Design" is implemented.
Today I am not sure there is any reference OSS implementation of the open spec released yet:
- https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-PS-v1.1-20220419/FIDO-Device-Onboard-PS-v1.1-20220419.html
- https://github.com/fedora-iot/fido-device-onboard-rs
- https://github.com/secure-device-onboard/readme
Maybe looking at webauthn API could be relevant to get into it:
Related links:
- https://fidoalliance.org/fido-alliance-creates-new-onboarding-standard-to-secure-internet-of-things-iot/
- https://fido-alliance.github.io/how-to-fido/HowToFIDO.html
- https://www.redalertlabs.com/blog/top-10-things-you-should-know-about-fido-device-onboarding-fdo
Cc: @stefanschmidt @zyga @mrybczyn
ps:
I filed this issue here at:
Because I am not granted to file issues at:
Edited by philippe coval