[ecesena]

Chiming in to mention SoloKeys, it's open source, FIDO2 certified and supports 50 resident keys.

@snakeye, please feel free to port over the CTAP implementation to your device (same for the other tokens I'm reading in the thread). We have already 3 products selling with our firmware.

https://github.com/solokeys/solo

[gnufx]

Is Somu the same as the current Solo? (Not that I've had much opportunity to exhaust it...) I don't remember seeing that documented, or if the processor/storage is the same.

On the topic of the implementation, is there any estimate for arrival of the PGP support?

[StavrosK]

I mentioned SoloKeys farther down the thread, I'm really excited about the new version. Is that coming out soon? I know it was supposed to come out in June, but haven't heard anything yet. I actually sent you guys an email a few minutes ago.

[ecesena]

Currently manufacturing the very first batch: we're waiting for the PCBs to be shipped, then we'll proceed with assembly, testing, etc.

Conservatively I'd say we'll start shipping around Sep/Oct. But for sure there'll be some "limited edition" tokens in circulation before.

[StavrosK]

That's good news, thanks! Do you know how many resident keys you're going to end up storing? I'm really suffering with the Yubikey's 25, I'm going to write a post on SSH auth with FIDO2 and would like to be able to recommend SoloKeys.

[ecesena]

With the current Solo we have 256kB of flash so we sort of arbitrarily reserved space for 50 RKs, but you can prob tweak the firmware if you need.

With the next gen of Solo we have 2MB of flash, so assume virtually unlimited RKs, at least given the number of sites that currently support them.

(note: double checking w/ the team for correctness)

[StavrosK]

That's really exciting, thanks. I'm kind of banking on FIDO2 RK becoming the standard on the web, so I really want a key that can support thousands of sites. I might be customizing the firmware (AFAIK it's in Rust), and I'm really hoping I can get one of the preview devices to help testing.

[snakeye]

Thank you! I will definitely take a look at your CTAP implementation!