by dathinab 1161 days ago
Tillitis TKeys are very interesting but not yet a full replacement for Yubi in multiple aspects:

- they don't (yet) have all the features, or at least I couldn't find out how to do some of them without implementing them myself. Though due to the design of the TKey this can be added later without needing a new key or anything like that; you could even implement it yourself.

- their design approach is a bit different from a Yubikey or similar, mainly it doesn't have any persistent (writable) memory. This has some drawbacks and some benefits. Benefits include that you can add applications later on, have endlessly many of them, and upgrade applications. E.g. a company that hands this key out to 1000 employees and needs to switch to post-quantum cryptography doesn't need to buy 1000 new keys; they just deploy an update and the users have to re-enroll their existing keys. Drawbacks include that you can't store anything on the key (TOTP, moving an OpenPGP key onto a Yubi key etc.), so for some appliances you need to have some metadata on the device you want to use the key with (could be encrypted using the TKey, might just be a seed or similar to derive the right data using the TKey, etc.). Not a problem for typical enterprise use-cases, but a problem/inconvenience for your typical "private" user (which can be negated with support software).

Anyway I think I want to buy one.
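
A simplified model of the trade-off described in the comment above, added here as an illustration and not taken from the comment or from Tillitis' code: a token with no writable memory derives each key from its fixed device secret, the loaded application, and a seed kept on the host, so an application update changes the derived identity and forces re-enrollment. The class, the BLAKE2s/HMAC derivation and all sample values are assumptions constructed for this sketch.

```python
import hashlib
import hmac


class StatelessToken:
    """Toy model (assumption): fixed device secret, no persistent storage."""

    def __init__(self, device_secret: bytes):
        self._device_secret = device_secret  # never leaves the token

    def _app_secret(self, app_binary: bytes) -> bytes:
        # Bind the secret to the exact application that was loaded.
        app_digest = hashlib.blake2s(app_binary).digest()
        return hashlib.blake2s(app_digest, key=self._device_secret).digest()

    def identity(self, app_binary: bytes, host_seed: bytes) -> str:
        # The host only stores host_seed; the key is recomputed on every use.
        key = hmac.new(self._app_secret(app_binary), host_seed,
                       hashlib.sha256).digest()
        # Hash of the key stands in for the public key a real app would export.
        return hashlib.sha256(key).hexdigest()


def demo() -> dict:
    # All values below are constructed sample data.
    token = StatelessToken(bytes(range(32)))
    other_token = StatelessToken(bytes(range(1, 33)))
    app_v1 = b"signer-app v1 (constructed)"
    app_v2 = b"signer-app v2, new algorithm (constructed)"
    seed_mail = b"\x11" * 16   # host-side metadata for service "mail"
    seed_vpn = b"\x22" * 16    # host-side metadata for service "vpn"

    enrolled = token.identity(app_v1, seed_mail)
    return {
        # Same token, app and seed: identity is reproducible without storage.
        "stable": token.identity(app_v1, seed_mail) == enrolled,
        # Different seed: unlimited independent identities from one token.
        "per_service": token.identity(app_v1, seed_vpn) != enrolled,
        # Updated app: identity changes, so the service must re-enroll.
        "reenroll_after_update": token.identity(app_v2, seed_mail) != enrolled,
        # Seed copied from the host is useless with another token.
        "seed_alone_useless": other_token.identity(app_v1, seed_mail) != enrolled,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```
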