Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Doc/Wiki - GPG key compatibility list - OTP apps #664

Closed
skollrc opened this issue Jan 27, 2020 · 2 comments
Closed

Doc/Wiki - GPG key compatibility list - OTP apps #664

skollrc opened this issue Jan 27, 2020 · 2 comments

Comments

@skollrc
Copy link

skollrc commented Jan 27, 2020
edited
Loading

Hi all,

Sorry if my questions look too simple but there still things I do not understand:

GPG keys:
Is there any GPG keys compatibility list? Is the Nitrokey U2F compatible with heads?
Is specificaly this key: https://docs.puri.sm/PureBoot/Heads.html compatible?
Is there any limitation or keys that are know not working with heads?

OTP apps:
Is there only google code app how's compatible? If not does this apps https://f-droid.org/fr/packages/org.fedorahosted.freeotp/ ; https://f-droid.org/fr/packages/com.github.onetimepass/ are compatible? for 2FA?
@skollrc skollrc changed the title Doc/Wiki - GPG key compatibility list Doc/Wiki - GPG key compatibility list - OTP apps Jan 27, 2020
@tlaurion
Copy link
Collaborator

tlaurion commented Feb 5, 2020
edited
Loading

@skollrc:

GPG keys (aka USB Security dongles)
Any gpg2 supported USB security dongle should provide required GPG Heads verified /boot functionalities.

HOTP compliant USB security keys, providing both GPG features and HOTP measurements are the Librem Key, Nitrokey Pro/Nitrokey Storage as of now, activated by board configuration statement CONFIG_HOTP

If @Yubico (and other advertising HOTP USB security Keys) wants to do the required work to make their dongles supported inside of Heads by contributing upstream to the verification library, I do not see why support would not be extended.

Note that issues #641 #665 are not reproducible/not relevant anymore since 92e706b unless proven otherwise.

Are you still having issues after a clean checkout tree and build?
Which board?
Which commit id?

OTP
For OTP applications. The requirement are mostly Heads related in the sense that time is required to be synced and in UTC/GMT-0 under Heads to generate a valid QR Code for which the time base will be the same on your phone. The logic behind OTP requires no time difference between the devices to show both the same OTP code, valid for 30 seconds. IF the devices are not time synced, both devices won't show the same OTP code.

All OTP applications should be compatible, which is why Heads do not provide a list. Of course, the more libre the better.

@tlaurion
Copy link
Collaborator

tlaurion commented Feb 5, 2020
edited
Loading

Please publish documentation relevant Questions/Pull Requests (PR) at https://github.com/osresearch/heads-wiki in the future.

@tlaurion tlaurion closed this as completed Aug 1, 2020
@tlaurion tlaurion mentioned this issue Dec 10, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tlaurion @skollrc