| ▲ | raverbashing 10 hours ago | |
> Meanwhile you could be using a hardware security module in a bank vault Yeah you could, but most people won't Should they allow for a yubikey on a non-google phone? Or your own private key? Yes they should. But then there's the issue of enrollment, etc. | ||
| ▲ | AnthonyMouse 10 hours ago | parent [-] | |
> Yeah you could, but most people won't When something is required by law, it needs to work for all people. It also specifically needs to not entrench incumbents by impeding the ability of challengers that don't currently have market share from ever getting any. > Should they allow for a yubikey on a non-google phone? Or your own private key? Yes they should. But then there's the issue of enrollment, etc. There is no such issue because enrollment should be part of the standard so any device that implements the standard can be enrolled. | ||