Ackermann YuriyTwo years of Passkeys: A reflection pointI have been quiet on writing for the last two years, mostly because I was not sure what to write. The FIDO ecosystem had a complete reboot…Aug 262Aug 262
Ackermann YuriyMy peopleMy people are killing. My people are dying. My people are watching.Apr 6, 2022Apr 6, 2022
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: What’s new in MDS3? Migrating from MDS2 to MDS3.It’s a JSON! It looks like MDS2? Nope, that’s MDS3!May 26, 20211May 26, 20211
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Demystifying attestation and MDSAnswer to all your uncomfortable question about attestation, MDS and MetadataMay 24, 20213May 24, 20213
Ackermann YuriyWhy Cloudflare’s CAPTCHA replacement with FIDO2/WebAuthn is a really bad ideaDisclaimer: Thoughts expressed here are my own, and not of my employers.May 13, 20214May 13, 20214
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Verifying Apple Anonymous AttestationPlease note that this is an advance post, and requires prior understanding of the FIDO2 attestations. You can read more about them here.Jan 1, 2021Jan 1, 2021
Ackermann YuriyinWebAuthn WorksSorting FIDO/CTAP/WebAuthn terminologyCTAP1 my U2F you FIDO2 CTAP2.Oct 28, 2020Oct 28, 2020
Ackermann YuriyinWebAuthn WorksIntroduction to WebAuthn API…or Level 1 Credential Management API extension for Public Key Credentials, and the untold stories of managing credentials in the browser…Jan 15, 201923Jan 15, 201923
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Verifying Android KeyStore AttestationAndroid KeyStore is a key management container, that defends key material from extraction. Depending on the device, it can be either…Dec 15, 20182Dec 15, 20182