[floatboth]

I'm not sure why U2F would be "disabled for security". I guess it's just that nobody has implemented all the required things. For the USB tokens, you need userspace USB HID access and hotplug notifications. I did that in Firefox for FreeBSD :)

[oil25]

When I asked in IRC, I was told U2F was not implemented in browsers on OpenBSD because, "do you really want browsers to have full access to your USB stack?"

[floatboth]

"full access to your USB stack" is not very meaningful (and honestly sounds like a WebUSB criticism, maybe someone thought U2F required WebUSB?!)

You only have access to the devices which you have permission to access. On FreeBSD, we have a devd config that sets the u2f group on U2F tokens.

[beefhash]

tbf, that IRC channel may not exactly be super canonical.

https://cvsweb.openbsd.org/cgi-bin/cvsweb/www/index.html?rev...

"remove freenode channel from index, it lacks any form of sensible moderation."