The TillitisKey should be able to be used for FIDO2, as a TOTP generator etc. Right now there is a SSH agent application, which allows you to sign in by touching the device.
Personally I'm very excited to see what applications will be developed at the hackathon at the OSFC conference, and onwards. We have had people at the conference showing interest in trying to write applications in Rust. I will try and implement an application of my own tomorrow.
I think what they mean is that this can be reprogrammed for more use cases than FIDO2 and U2F, it can say be programmed to support my own homegrown thing that I've made up just now or even a more general concept than just getting into things perhaps.
Yes. And your application will get a per device unique primary secret when loaded, which the application then can use for whatever it needs. (Including not using it all all.)
TOTP, FIDO2, PIV, simple touch triggered challenge/response... or something completely different. If it can fit in around 100 kByte RAM when compiled for RV32IMC and not be too computationally expensive, it could be a Tillitis app.
Just to give you some indication, the Ed25519 signer operation in the SSH authentication we showed on stage today takes ~ one second to perform the signing. And we have several ways to improve that we know already.
Personally I'm very excited to see what applications will be developed at the hackathon at the OSFC conference, and onwards. We have had people at the conference showing interest in trying to write applications in Rust. I will try and implement an application of my own tomorrow.