On Oct 29, 2024, at 4:03 AM, Yukiko MINAMIE <mina...@stellar.co.jp> wrote: >> Perhaps one option would be to allow the challenge to be created by the >> FIDO2 server, but add an exchange specific to the EAP-FIDO protocol, which >> would do the cryptographic binding. That exchange could stay inside of >> EAP-FIDO, and wouldn't have to affect any FIDO exchanges. > > Thank you for this suggestion. I was also thinking that it would > be helpful if a similar approach could be implemented.
I believe that if the challenge is created by the server, then I think the crypto binding issues aren't relevant. i.e. the client can just use the servers challenge. Alan DeKok. _______________________________________________ Emu mailing list -- emu@ietf.org To unsubscribe send an email to emu-le...@ietf.org
