How does the attestation mechanism of U2F guarantee the provenance of the key material?
I’m trying to understand Yubico’s documentation of the U2F standard, and getting hung up on the PIV attestation piece.
The security claim appears to be that the authoritatively-signed attestation certificate sent by the device upon regist… Continue reading How does the attestation mechanism of U2F guarantee the provenance of the key material?