Ackermann YuriyMy peopleMy people are killing. My people are dying. My people are watching.2 min read·Apr 6, 2022----
Ackermann YuriyinWebAuthn WorksITS SINGLE STEP NOT FACTOR — clarifying more FIDO terminologyI keep seeing people mixing up terminologies. that creates confusing environment. Here are some popular statements:2 min read·Nov 10, 2021--2--2
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: What’s new in MDS3? Migrating from MDS2 to MDS3.It’s a JSON! It looks like MDS2? Nope, that’s MDS3!5 min read·May 26, 2021--1--1
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Demystifying attestation and MDSAnswer to all your uncomfortable question about attestation, MDS and Metadata9 min read·May 24, 2021--3--3
Ackermann YuriyWhy Cloudflare’s CAPTCHA replacement with FIDO2/WebAuthn is a really bad ideaDisclaimer: Thoughts expressed here are my own, and not of my employers.6 min read·May 13, 2021--4--4
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Verifying Apple Anonymous AttestationPlease note that this is an advance post, and requires prior understanding of the FIDO2 attestations. You can read more about them here.2 min read·Jan 1, 2021----
Ackermann YuriyinWebAuthn WorksSorting FIDO/CTAP/WebAuthn terminologyCTAP1 my U2F you FIDO2 CTAP2.4 min read·Oct 28, 2020----
Ackermann YuriyinWebAuthn WorksIntroduction to WebAuthn API…or Level 1 Credential Management API extension for Public Key Credentials, and the untold stories of managing credentials in the browser…19 min read·Jan 15, 2019--22--22
Ackermann YuriyinWebAuthn WorksWebAuthn/FIDO2: Verifying Android KeyStore AttestationAndroid KeyStore is a key management container, that defends key material from extraction. Depending on the device, it can be either…3 min read·Dec 15, 2018--2--2