> Date: Sat, 25 Mar 2023 08:36:36 -0400
> From: Greg Troxel <g...@lexort.com>
>
> Thanks very much for the detailed response.
>
> One thing that's not 100% clear to me:
>
> > One device (plus a second one as a backup!)
>
> A device can fail or be lost, so the backup concept is obvious, and
> perhaps should extend to a third.
>
> Are the backup devices independent in that you
>
>   enroll device A on a site
>
>   enroll device B on the same site
>
> and then either one will be accepted by the site to login, and they
> otherwise don't have anything to do with each other? I mean no transfer
> of keymat, or other linkage.
>
> So therefore one could have a secondary backup in a place far away
> that's somewhat hard to get to, and when visiting it every few months,
> enroll that backup as an additional key in the sites that were added to
> the working device (carried with you) and the primary backup.
That is all correct. Security key enrollments are independent.

P.S. There is also a proposal for a scheme that does allow devices to be linked in a way that preserves the privacy properties but doesn't require you to have the backup key itself to enroll it -- only to log in with it -- but it's not there yet: https://www.yubico.com/blog/yubico-proposes-webauthn-protocol-extension-to-simplify-backup-security-keys/
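The following is an added illustration of what "enrollments are independent" means on the relying-party side; it is not code from either correspondent or from any WebAuthn library. It models a site that keeps a plain list of credentials (credential ID plus public key) per account and accepts an assertion from any one of them, and two authenticators that each mint their own P-256 key pair at enrollment and share no key material. The relying-party name `example.com`, the account name and the reduction of the WebAuthn signed data to SHA-256(rpID) || SHA-256(challenge) are simplifications chosen for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

const rpID = "example.com" // hypothetical relying party for this example

// Authenticator stands in for one security key. It creates a fresh key pair
// per enrollment, keeps the private half to itself, and holds no information
// about any other key enrolled on the same account.
type Authenticator struct {
	keys map[string]*ecdsa.PrivateKey // credential ID (hex) -> private key
}

func NewAuthenticator() *Authenticator {
	return &Authenticator{keys: map[string]*ecdsa.PrivateKey{}}
}

// Credential is what the site stores per enrollment: an opaque ID and the
// public key. (A real RP also keeps the signature counter and transports.)
type Credential struct {
	ID     string
	PubKey *ecdsa.PublicKey
}

// Enroll models registration: a new P-256 key pair bound to this RP.
func (a *Authenticator) Enroll() Credential {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		panic(err)
	}
	id := hex.EncodeToString(raw)
	a.keys[id] = priv
	return Credential{ID: id, PubKey: &priv.PublicKey}
}

// signedData is a simplified form of the WebAuthn signature input:
// SHA-256(authenticatorData || SHA-256(clientData)), reduced here to
// SHA-256(SHA-256(rpID) || SHA-256(challenge)).
func signedData(challenge []byte) []byte {
	rpHash := sha256.Sum256([]byte(rpID))
	chHash := sha256.Sum256(challenge)
	h := sha256.Sum256(append(rpHash[:], chHash[:]...))
	return h[:]
}

// Assert signs a challenge for one of this device's own credentials; a
// credential ID minted by another device is simply unknown to it.
func (a *Authenticator) Assert(credID string, challenge []byte) ([]byte, bool) {
	priv, ok := a.keys[credID]
	if !ok {
		return nil, false
	}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, signedData(challenge))
	return sig, err == nil
}

// RelyingParty keeps an independent list of credentials per account.
type RelyingParty struct {
	creds map[string][]Credential // user -> enrolled credentials
}

func NewRelyingParty() *RelyingParty {
	return &RelyingParty{creds: map[string][]Credential{}}
}

// Register appends one credential; existing ones are untouched.
func (rp *RelyingParty) Register(user string, c Credential) {
	rp.creds[user] = append(rp.creds[user], c)
}

// Revoke drops one credential (lost device); the others remain valid.
func (rp *RelyingParty) Revoke(user, credID string) {
	kept := rp.creds[user][:0]
	for _, c := range rp.creds[user] {
		if c.ID != credID {
			kept = append(kept, c)
		}
	}
	rp.creds[user] = kept
}

// Verify accepts an assertion from whichever enrolled credential matches.
func (rp *RelyingParty) Verify(user, credID string, challenge, sig []byte) bool {
	for _, c := range rp.creds[user] {
		if c.ID == credID {
			return ecdsa.VerifyASN1(c.PubKey, signedData(challenge), sig)
		}
	}
	return false
}

// Login runs one full ceremony: fresh challenge, device signs, site verifies.
func Login(rp *RelyingParty, user string, dev *Authenticator, credID string) bool {
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		panic(err)
	}
	sig, ok := dev.Assert(credID, challenge)
	return ok && rp.Verify(user, credID, challenge, sig)
}

func main() {
	rp := NewRelyingParty()
	working, backup := NewAuthenticator(), NewAuthenticator()
	credA, credB := working.Enroll(), backup.Enroll()
	rp.Register("alice", credA) // constructed account name
	rp.Register("alice", credB)
	fmt.Println("working key logs in:", Login(rp, "alice", working, credA.ID))
	fmt.Println("backup key logs in:  ", Login(rp, "alice", backup, credB.ID))
	fmt.Println("backup using working's credential:", Login(rp, "alice", backup, credA.ID))
	rp.Revoke("alice", credA.ID) // working key lost: revoke it, backup still works
	fmt.Println("working key after revoke:", Login(rp, "alice", working, credA.ID))
	fmt.Println("backup key after revoke: ", Login(rp, "alice", backup, credB.ID))
}
```

The two things worth noticing are that the site never needs both keys present at once (each `Register` call is its own ceremony, so the far-away backup can be enrolled months later), and that revoking the lost key changes nothing for the other one, which is the property that makes a remote backup useful.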